www.cgmoneta.com Open in urlscan Pro
3.67.141.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Submission: On January 04 via manual (January 4th 2024, 2:14:14 pm UTC) from US — Scanned from DE

Summary HTTP 210 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 29 domains to perform 210 HTTP transactions. The main IP is 3.67.141.185, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.cgmoneta.com.
TLS certificate: Issued by R3 on November 12th 2023. Valid for: 3 months.

This is the only time www.cgmoneta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.67.141.185 3.67.141.185	16509 (AMAZON-02) (AMAZON-02)
7	65.9.95.114 65.9.95.114	16509 (AMAZON-02) (AMAZON-02)
18	18.239.69.61 18.239.69.61	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1486	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	65.9.95.58 65.9.95.58	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:10:... 2606:4700:10::ac43:1653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.71 13.32.99.71	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:440... 2606:4700:4400::ac40:9251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:a469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 51	2606:4700::68... 2606:4700::6810:e095	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.60.28 18.245.60.28	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.89 65.9.95.89	16509 (AMAZON-02) (AMAZON-02)
2	65.9.94.26 65.9.94.26	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:455f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
6	3.222.32.116 3.222.32.116	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.33.7.61 63.33.7.61	16509 (AMAZON-02) (AMAZON-02)
3	13.227.219.101 13.227.219.101	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:6800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.89.82.132 3.89.82.132	14618 (AMAZON-AES) (AMAZON-AES)
1	54.201.135.255 54.201.135.255	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.94.137 65.9.94.137	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1d9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6812:1c9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.223.218.178 34.223.218.178	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
210	42

1 3.67.141.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-141-185.eu-central-1.compute.amazonaws.com

www.cgmoneta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.95.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-114.prg50.r.cloudfront.net

irp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.239.69.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-61.ams58.r.cloudfront.net

static.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1486 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.95.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-58.prg50.r.cloudfront.net

lirp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:1653 (United States)

ASN13335 (CLOUDFLARENET, US)

static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-71.fra60.r.cloudfront.net

irp-cdn.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::ac40:9251 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700::6810:e095 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
font-public.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-public.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-private.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
telemetry.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-28.fra60.r.cloudfront.net

irt-cdn.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-89.prg50.r.cloudfront.net

static.ziftsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.94.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-26.prg50.r.cloudfront.net

d32hwlnfiv2gyn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:455f (United States)

ASN13335 (CLOUDFLARENET, US)

core.service.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.222.32.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-32-116.compute-1.amazonaws.com

rtc.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o13855.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.7.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-7-61.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.219.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-101.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.89.82.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-82-132.compute-1.amazonaws.com

notifier-configs.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.135.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-137.prg50.r.cloudfront.net

d3v0px0pttie1i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d9b (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:1c9b (United States)

ASN13335 (CLOUDFLARENET, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.218.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-218-178.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	canva.com 1 redirects www.canva.com — Cisco Umbrella Rank: 5589 static.canva.com — Cisco Umbrella Rank: 12289 font-public.canva.com — Cisco Umbrella Rank: 13928 media-public.canva.com — Cisco Umbrella Rank: 14433 media-private.canva.com — Cisco Umbrella Rank: 16017 media.canva.com — Cisco Umbrella Rank: 14292 telemetry.canva.com — Cisco Umbrella Rank: 6551	2 MB
32	cdn-website.com irp.cdn-website.com — Cisco Umbrella Rank: 37083 static.cdn-website.com — Cisco Umbrella Rank: 36466 lirp.cdn-website.com — Cisco Umbrella Rank: 35341	863 KB
28	tawk.to embed.tawk.to — Cisco Umbrella Rank: 12757 va.tawk.to — Cisco Umbrella Rank: 12200	233 KB
15	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 11911 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 7109 analytics.audioeye.com — Cisco Umbrella Rank: 8010	310 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 625	169 KB
10	calendly.com assets.calendly.com — Cisco Umbrella Rank: 33663 calendly.com — Cisco Umbrella Rank: 23994	689 KB
8	multiscreensite.com irp-cdn.multiscreensite.com — Cisco Umbrella Rank: 97575 irt-cdn.multiscreensite.com — Cisco Umbrella Rank: 446403 rtc.multiscreensite.com — Cisco Umbrella Rank: 40145	55 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2656 q.stripe.com — Cisco Umbrella Rank: 13887 m.stripe.com — Cisco Umbrella Rank: 2365	148 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778 www.linkedin.com — Cisco Umbrella Rank: 944 px4.ads.linkedin.com — Cisco Umbrella Rank: 7294	5 KB
6	elfsight.com static.elfsight.com — Cisco Umbrella Rank: 21843 core.service.elfsight.com — Cisco Umbrella Rank: 25811	107 KB
3	gstatic.com www.gstatic.com	430 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1771	28 KB
3	sentry.io o13855.ingest.sentry.io — Cisco Umbrella Rank: 23536	438 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	8 KB
3	cloudfront.net d32hwlnfiv2gyn.cloudfront.net d3v0px0pttie1i.cloudfront.net	28 KB
2	airbrake.io notifier-configs.airbrake.io — Cisco Umbrella Rank: 9889	490 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2891	16 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 184	406 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	138 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	39 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 950	303 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 5480	11 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
1	ziftsolutions.com static.ziftsolutions.com — Cisco Umbrella Rank: 251235	40 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1877	15 KB
1	cgmoneta.com www.cgmoneta.com	43 KB
210	29

	Domain	Requested by
23	embed.tawk.to	www.cgmoneta.com embed.tawk.to
18	static.cdn-website.com	www.cgmoneta.com static.cdn-website.com
15	static.canva.com	www.canva.com static.canva.com
13	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
11	cdn.cookielaw.org	assets.calendly.com cdn.cookielaw.org www.cgmoneta.com
10	media-public.canva.com	www.canva.com static.canva.com
8	www.canva.com	1 redirects www.cgmoneta.com www.canva.com static.canva.com
7	lirp.cdn-website.com	www.cgmoneta.com
7	irp.cdn-website.com	www.cgmoneta.com irp.cdn-website.com
6	media.canva.com	www.canva.com
6	media-private.canva.com	www.canva.com
6	rtc.multiscreensite.com	static.cdn-website.com
5	va.tawk.to	embed.tawk.to
5	calendly.com	assets.calendly.com
5	assets.calendly.com	www.cgmoneta.com calendly.com assets.calendly.com
5	static.elfsight.com	www.cgmoneta.com static.elfsight.com
4	font-public.canva.com	static.canva.com www.canva.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	www.gstatic.com	www.recaptcha.net
3	www.recaptcha.net	assets.calendly.com www.gstatic.com www.recaptcha.net
3	q.stripe.com	www.cgmoneta.com
3	js.stripe.com	assets.calendly.com js.stripe.com
3	o13855.ingest.sentry.io	static.canva.com
2	telemetry.canva.com	static.canva.com
2	notifier-configs.airbrake.io	assets.calendly.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.com	www.cgmoneta.com www.gstatic.com
2	www.google.de	www.cgmoneta.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d32hwlnfiv2gyn.cloudfront.net	www.cgmoneta.com
2	www.googletagmanager.com	www.cgmoneta.com www.googletagmanager.com
1	cdn.jsdelivr.net	embed.tawk.to
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	wsmcdn.audioeye.com	www.cgmoneta.com
1	d3v0px0pttie1i.cloudfront.net	www.cgmoneta.com
1	geolocation.onetrust.com	assets.calendly.com
1	m.stripe.com	m.stripe.network
1	w.usabilla.com	calendly.com
1	static.cloudflareinsights.com	www.canva.com
1	region1.analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.cgmoneta.com
1	www.linkedin.com	1 redirects
1	core.service.elfsight.com	static.elfsight.com
1	static.ziftsolutions.com	www.cgmoneta.com
1	snap.licdn.com	www.cgmoneta.com
1	irt-cdn.multiscreensite.com	www.cgmoneta.com
1	p.typekit.net	use.typekit.net
1	irp-cdn.multiscreensite.com	www.cgmoneta.com
1	use.typekit.net	www.cgmoneta.com
1	www.cgmoneta.com
210	51

This site contains links to these domains. Also see Links.

Domain
www.adhcunderpayments.com
www.canva.com
facebook.com
linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.cgmoneta.com R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
multiscreensite.com R3	`2023-11-25` - `2024-02-23`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
static.elfsight.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
calendly.com E1	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
canva.com GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.ziftsolutions.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2023-09-08` - `2024-09-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M02	`2023-12-12` - `2025-01-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2023-10-11` - `2024-11-10`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2023-09-17` - `2024-10-16`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Frame ID: C34DF516B968D8908C3FC819C19E3636
Requests: 99 HTTP requests in this frame

Frame: https://www.canva.com/design/DAF291Rb8ro/view?embed
Frame ID: F723334C64664850C3D430582E2BA09C
Requests: 56 HTTP requests in this frame

Frame: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
Frame ID: 3A6894883C74AC1DC26DF52B5F1EB6AB
Requests: 28 HTTP requests in this frame

Frame: https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 6720C8D4176FCDBE876B33CE5D680843
Requests: 2 HTTP requests in this frame

Frame: https://w.usabilla.com/dc9688c7588b.js?lv=1
Frame ID: CFF7ED0A40B3A489A3F943330305096F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3EC6B0B3BC14E9AB585B22A8FC707857
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DBB8237E5EE2E91FE78D538EBC43CC73
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=n87gqfjor06j
Frame ID: 28A9359109DE221B46E5B9A8A2753499
Requests: 5 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=226ebee
Frame ID: 3CED043AED4385B3E81927C39F4E21F2
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css
Frame ID: 60FE3FD8EB0572A886939B6DF8C49A6B
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Frame ID: 9F1D7F5A31F0826397AEA8D1B1700058
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Frame ID: 25A07E187E55FB93CD1BE311B91BF6F5
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Frame ID: E52CDB67C0DF58403229EB0AD22A9662
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADHC Underpayments close carousel

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

210
Requests

97 %
HTTPS

56 %
IPv6

29
Domains

51
Subdomains

42
IPs

4
Countries

5387 kB
Transfer

13949 kB
Size

36
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.adhcunderpayments.com/
Title: ADHC Underpayments Website

Search URL Search Domain Scan URL

URL: https://www.canva.com/design/DAF291Rb8ro/view?utm_content=DAF291Rb8ro&utm_campaign=designshare&utm_medium=embeds&utm_source=link
Title: ADHC Underpayments Deck

Search URL Search Domain Scan URL

URL: https://facebook.com/cgmoneta

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/cgmonetallc

Search URL Search Domain Scan URL

URL: https://twitter.com/cgmoneta

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCydSNzyw5Tzx04ajKqVyXqQ/featured?view_as=subscriber

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2226289%26time%3D1704377648759%26url%3Dhttps%253A%252F%252Fwww.cgmoneta.com%252Fadhc-underpayments-client-intake-form%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQJWMdCuIuBA-AAAAYzU0wmrGYbxhFhXxkSDPX7RCRwvRAMV1MbJqrC--oYbXY6_q1m18qL9cUw3scE60ldbiBIaid0mTQ

Request Chain 84

https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

210 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request adhc-underpayments-client-intake-form Show response
www.cgmoneta.com/ 304 KB
43 KB 798ms
18ms Document
text/html 3.67.141.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.141.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-141-185.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7df559f51aab78c9842bd765d911ac6a258b2a2da0dec3c24ae18642aa88564f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 43917
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
d-cache: from-cache
d-geo: EU
date: Thu, 04 Jan 2024 14:14:07 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
vary: user-agent,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css2
irp.cdn-website.com/fonts/ 67 KB
3 KB 146ms
72ms Stylesheet
text/css 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab564ccef2a5da9e06b41adbceade2802671601bea61b27f9d01aafd49ef99c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 19:53:14 GMT
content-encoding: br
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
age: 152453
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iwk-Mrpc6r2gl2SE93iFY0wzUDWCsg9X9c7dYpm0HhA_WoE0wkiVuA==

GET
H2 200 d-css-runtime-desktop-one-package-structured-global.min.css
static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/ 205 KB
26 KB 85ms
15ms Stylesheet
text/css 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a56c6ae07dda2c74a4af952a7705a6e94ba3a4bf2e0f32453593080259e1aa8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:16 GMT
x-amz-version-id: qfvrJl8zjp_qMiVKZthv3DKlwf.6b3jE
content-encoding: br
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 345952
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:29 GMT
server: AmazonS3
etag: W/"24db8df31a832c94b337b62eb6518a3f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: XzwXFTM8oRNuj40uhTWYonH_KNOqqhI2SX6nN5ThOc06raqesNz3qw==

GET
H2 200 768a4c7c39d5403efa67d8006729be2c.css
irp.cdn-website.com/WIDGET_CSS/production_4049/ 28 KB
5 KB 98ms
23ms Stylesheet
text/css 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/WIDGET_CSS/production_4049/768a4c7c39d5403efa67d8006729be2c.css
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 394c0bddc899c04cfa8a8f958b1fded78ed4045aa5c47d1a14b074dfed975fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:10:52 GMT
x-amz-version-id: jR5dDAYjafvniXj5ushvFdqAMTp8226D
content-encoding: br
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 345795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 14:08:54 GMT
server: AmazonS3
etag: W/"d353fde0e26d0e7d1ca7079d2dfb3ff6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 1SSLduXqy5c4mwIm4G1Z0O08JDQhGULLA8Z2rRfJ83Tr3qu-SEh4Eg==

GET
H2 200 74b8fd56_1.min.css
irp.cdn-website.com/74b8fd56/files/ 259 KB
30 KB 570ms
496ms Stylesheet
text/css 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/74b8fd56/files/74b8fd56_1.min.css?v=1839
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c539a052bb796aae20cec8e40ea3cf6431ee917b292e981785cdb4f27c5aa41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
x-amz-version-id: EcXzeyvk3A8zNlhgTHFIVnL53S7SLKom
content-encoding: br
last-modified: Sun, 31 Dec 2023 15:09:01 GMT
server: AmazonS3
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"6fcb6422a8b14868e0efbbb2aba579b3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9kzTh3gYSG1fd-SC2rtQZqk4a4k7yZAG_cJxfdSl4d9ADoCXZ1-5XA==

GET
H2 200 xhu4fvu.css
use.typekit.net/ 2 KB
860 B 213ms
157ms Stylesheet
text/css 2a02:26f0:3500:16::215:1486
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/xhu4fvu.css

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3f3fe9842edf7f8240031c134670cc14e2227568ce15089e5d1f8a7ca7d1e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 04 Jan 2024 14:14:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 637

GET
H2 200 CG-Moneta-LLC-Logo-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 11 KB
11 KB 122ms
68ms Image
image/webp 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/CG-Moneta-LLC-Logo-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeb9307c39bd0783b05b8ef1f00cdbc7290f0095068cc51b938d1fc681a8cb85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 03:09:04 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 212703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11008
x-amz-expiration: expiry-date="Sun, 04 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 07 Aug 2023 17:01:29 GMT
server: AmazonS3
etag: "daf56eb9b7ba63b0e1f3b6678591230d"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OaMDgGBbMQKJz-4Em6g99oXTh09G1oKiXzFj9r68y2VHeFVRgYmPaQ==

GET
H2 200 CG-Moneta-Consulting-3-41055b6a-0e779f68-e8adb833-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 19 KB
19 KB 84ms
43ms Image
image/webp 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/CG-Moneta-Consulting-3-41055b6a-0e779f68-e8adb833-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b11bb1c127012d3fd77e3ec2877936533e5c8fce15137a8dbddf7acbd0107f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 03:09:04 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 212704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19022
x-amz-expiration: expiry-date="Tue, 23 Jan 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Wed, 26 Jul 2023 20:09:10 GMT
server: AmazonS3
etag: "0b010ef2ac8082067d1dbfc8663b2976"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gjnEeXjhkylmPMyzSnkO03AD-p6W14lZD__YBDVWpVDuAuMXr5Lj3w==

GET
H2 200 platform.js Show response
static.elfsight.com/platform/ 49 KB
17 KB 52ms
22ms Script
application/javascript 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:07 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000071ef656770190387-00657b6fc3-536a3570-sfo2a
age: 602624
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 12:13:36 GMT
server: cloudflare
etag: W/"2063d9765e1647d954e5344382c692a1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 8404160a7bb15d3a-FRA

GET
H2 200 Doc-139c44db-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 20 KB
20 KB 591ms
551ms Image
image/webp 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Doc-139c44db-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e71ad441d3743415616e89da3ed1b5e524c9014065e0628b49330b8f4992219e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Sat, 30 Sep 2023 12:52:49 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "bf714887782e0b4afd1391423c036bfa"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20376
x-amz-cf-id: scUpoGSwtlS6IAO9hK4OC2h8QfgRvLBn-g4g5Vcf1fAcrRfYyTTMxQ==

GET
H2 200 shape.svg
irp-cdn.multiscreensite.com/md/dmtmpl/f92e67d5-4d2a-45d6-b2c2-e37684c0f1c6/dms3rep/multi/ 6 KB
2 KB 67ms
8ms Image
image/svg+xml 13.32.99.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irp-cdn.multiscreensite.com/md/dmtmpl/f92e67d5-4d2a-45d6-b2c2-e37684c0f1c6/dms3rep/multi/shape.svg
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae5849b3e31df5d935556c4c19fcc98f5eaec2c9dc65f7f526981e3fb3573a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:23:36 GMT
content-encoding: br
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-version-id: fH9h0CqzjabdQ3dzWw_JtrMWLuKRkyBr
last-modified: Sun, 31 Jan 2021 12:24:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 46231
etag: W/"281857b5aec39c3bfcd657846a8c5cd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sj0oA9Vj1NspRZ3mnwnB26_2cMek0qrNvnl6IlGHa68Q9OqNLyrkAQ==

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 53 KB
19 KB 156ms
130ms Script
application/javascript 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 21 Dec 2023 13:32:05 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"3be18f0a18cf9980a421cf1577f639f4"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 8404160a7f021c36-FRA
expires: Fri, 05 Jan 2024 14:14:07 GMT

GET
H2 200 Yellow+CG+Moneta+Logo-1920w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 25 KB
25 KB 484ms
446ms Image
image/png 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Yellow+CG+Moneta+Logo-1920w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d25baae1c76af26f76b14f103a4c652f50f2a2c37d1ed3d524dc49f2af8e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 09 Mar 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Sun, 10 Sep 2023 20:52:56 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "1c41374c3508c1fa0bbb8dbe21a3c053"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 25245
x-amz-cf-id: okBrTan9Kztv_dkbqZvQ0pUJx8nxUc1MXFpaSqnvHrcwQpjoLKHAyA==

GET
H2 200 jquery-3.7.0.min.js Show response
static.cdn-website.com/libs/jquery/ 85 KB
30 KB 80ms
26ms Script
text/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: JlB87n.8JeSlNMpjtnQ7ZQFJjIuOXDIf
content-encoding: br
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 13:55:38 GMT
x-amz-cf-pop: AMS58-P4
age: 87510
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 10 Jul 2023 14:02:06 GMT
server: AmazonS3
etag: W/"e6c2415c0ace414e5153670314ce99a9"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: j3tblgv7FpjRxhblYjjlpWSw8GBREcaH-gCh2jsByML1GbLbDeINIQ==

GET
H2 200 d-js-one-runtime-unified-desktop.min.js Show response
static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/ 363 KB
101 KB 84ms
30ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dff9856e494b542b5a6bb32ff8cc6bc600fb37106d86525fffb038bf103c73fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:16 GMT
x-amz-version-id: 0qDajAmkd8MIgUBc76K0SrNaEaAXoRa5
content-encoding: br
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 345951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:30 GMT
server: AmazonS3
etag: W/"4556f6493bebc1ad5a4cf892d3e3b743"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: S2_AylDt_tAhQm3mgCmn4AHWk6MgCOJaNNz3QDN7yfD5vrrRsC6oiA==

GET
H2 200 d-js-jquery-migrate.min.js Show response
static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/ 11 KB
5 KB 97ms
43ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-jquery-migrate.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:17 GMT
x-amz-version-id: ZZqnh7BdOb5GPC0elDysR09xGGoiT8xD
content-encoding: br
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 345951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:30 GMT
server: AmazonS3
etag: W/"0c0a1fa81ed04355cd2c63c134163cc0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 638Afx4xVi2rJQMrv6DgonqS8sWNuxKKBdafrlymuhlR7tkI6tWwpw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152012684-1

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73d0e42130afbf347a5913bb2d3c29ae6dbd2c870191f596c218953accdeebeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 14:14:07 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 100ms
20ms Stylesheet
text/css 2a02:26f0:780::210:a469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=xhu4fvu&ht=tk&f=15665.15666&a=3613173&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xhu4fvu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:08 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 404 1fdsff8os
embed.tawk.to/61251c94649e0a0a5cd2b8b4/ 0
0 42ms
15ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/61251c94649e0a0a5cd2b8b4/1fdsff8os

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:08 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 152445
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, s-maxage=2592000
cf-ray: 8404160faa884db6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 view Show response
www.canva.com/design/DAF291Rb8ro/ Frame F723 238 KB
36 KB 363ms
329ms Document
text/html 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/design/DAF291Rb8ro/view?embed

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8ab013b3fd566fdd457b27613864d32d00a0a2bd5d888ea3b754381d8dc8683

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-Td6UnxBvW8NUH2vhp5s0fA'; report-uri https://csp.canva.com/_cspreport?source=web2&requestId=8404160ffc1590ec&app=embed&policyHash=f66310fe
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cgmoneta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8404160ffc1590ec-FRA
content-encoding: br
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-Td6UnxBvW8NUH2vhp5s0fA'; report-uri https://csp.canva.com/_cspreport?source=web2&requestId=8404160ffc1590ec&app=embed&policyHash=f66310fe
content-type: text/html;charset=utf-8
date: Thu, 04 Jan 2024 14:14:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP=Canva does not have a P3P Policy.
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfoJT4zsezahiAI4HJsuHwU8Z%2Bd6bxsa442QiAylRGm2gmoch1r7JBpIKK1PI%2BFteLIZfU%2BDvPVyjWAqUqerxkexJ82uJSo4HwE19QkaUSpY%2F5%2BKEUnfgYmmzpwYF482OFDB9%2Bg2O9Dx7eU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 8404160ffc1590ec
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 Website+Page+Graphic+-+Doctors-2880w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 53 KB
54 KB 48ms
39ms Image
image/webp 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Website+Page+Graphic+-+Doctors-2880w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2664a4943793f01857aa918698cc3486caaf1d67db65cc22ea1230342c993fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:19:46 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 147263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 54310
x-amz-expiration: expiry-date="Sun, 25 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 28 Aug 2023 15:40:22 GMT
server: AmazonS3
etag: "93b1abc4f1905fab3401fbbad48457f3"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dY-SF4PiahxY1272pbGXXQPbSEdnT9HyEW7JK-tBT1I576caDZiHgQ==

GET
H2 200 Collage+Graphics-2880w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 118 KB
118 KB 514ms
506ms Image
image/webp 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Collage+Graphics-2880w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d592f442f31831cd13e4b8fb407216d5d3a7c6cfc9f0a35dc63bb246742cded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 25 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 28 Aug 2023 15:40:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "5fc67e519ddcb05295c432c2f5995006"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 120462
x-amz-cf-id: ADUq92Z1h7CWil4YldDuOl_d9QZs_MUJmDp9lmx8LkGvCG9Jq9-5QA==

GET
H2 200 Collage+Graphics+2-2880w.png
lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/ 124 KB
124 KB 244ms
236ms Image
image/webp 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/74b8fd56/dms3rep/multi/opt/Collage+Graphics+2-2880w.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-58.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bac77166a80b9444c3f91de078ad9673f4102c9180374de58b3e9d55161ef451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 25 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Mon, 28 Aug 2023 15:40:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "70359aae3e7a718f623fedf5f70510ca"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 126646
x-amz-cf-id: se7ewMX19irI4F_R564Q4YypklCLUHhAVZMI6dfxADkIvTWt8aq5gg==

GET
H2 200 hand_holdinh_iPhone_mockup.jpg
irt-cdn.multiscreensite.com/md/dmtmpl/dms3rep/multi/ 52 KB
53 KB 61ms
7ms Image
image/jpeg 18.245.60.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irt-cdn.multiscreensite.com/md/dmtmpl/dms3rep/multi/hand_holdinh_iPhone_mockup.jpg
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: babceb84f686bd4e9dab63be7a2bb76f5ccd0251337ff1584357d2eb1df30825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: A0_bqCsJ.FNWowJVU4RHahdQ7U8DnRZm
date: Thu, 04 Jan 2024 00:13:21 GMT
via: 1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 50448
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 53391
last-modified: Mon, 20 Apr 2020 10:38:12 GMT
server: AmazonS3
etag: "820d2d78f144c7be2f0a4ff6e9f386f9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: cxTAzq7n8OufWxkPvxdL2PnNGAa4e2EaSQEQ3NKv_yrazCfTZGZ9hA==

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 15 KB
15 KB 54ms
26ms Font
font/woff2 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 15:57:39 GMT
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
server: CloudFront
age: 771389
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14892
x-amz-cf-id: 7GbEGWSkyCdGP-4vb4Trxq-nz9pXIJh7S8ybp2FdwnQx10ckehFSGA==

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fontawesome-webfont.woff
static.cdn-website.com/fonts/ 96 KB
96 KB 33ms
14ms Font
application/font-woff 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/fontawesome-webfont.woff?v=6
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: bR46Z9gnVogjFEVmln4nlzTlCUFntZSU
date: Wed, 03 Jan 2024 08:55:25 GMT
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
age: 105524
x-amz-cf-pop: AMS58-P4
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Wed, 05 Jun 2019 08:06:55 GMT
server: AmazonS3
etag: "fee66e712a8a08eef5805a46892932ad"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qgzYPJ1PqkjPEqsfSNGTvfozwy7EpnEaOBbMG8Ij-ICMdBHauLzedA==

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
irp.cdn-website.com/fonts/s/opensans/v40/ 47 KB
47 KB 70ms
47ms Font
font/woff2 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:47:24 GMT
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
server: CloudFront
age: 185204
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 48236
x-amz-cf-id: yoc81xAhJfFVtilAUjLRWiBAQoM67d_FbhpJLimc7WSJfJmnAnxnUA==

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 50ms
27ms Font
font/woff2 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 02:50:00 GMT
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
server: CloudFront
age: 732248
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14712
x-amz-cf-id: Z-SkjM-Rbwwz7XiR7Y7c5Bpk7SjQfVtt040LWogGs0tIiq3TEtXXtA==

GET
H3 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 14 KB
14 KB 40ms
25ms Font
font/woff2 65.9.95.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-114.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Request headers

Referer: https://irp.cdn-website.com/fonts/css2?family=Prata:ital,wght@0,400&family=Cardo:ital,wght@0,400;0,700;1,400&family=Spartan:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Rozha+One:ital,wght@0,400&family=Oswald:ital,wght@0,200..700;1,200..700&family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Open+Sans:ital,wght@0,300..800;1,300..800&subset=latin-ext&display=swap
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:20:19 GMT
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
server: CloudFront
age: 46429
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14160
x-amz-cf-id: um2dgdU7Noz597AOfOD88fKsNCN8PeWkYexTEviLsd9OZru64S95Jw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 58ms
14ms Script
application/javascript 2a02:26f0:3500:16::215:1486
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=58315
accept-ranges: bytes
content-length: 15541

GET
H2 200 8a9982be7a97ad83017a97b409b300b1.js Show response
static.ziftsolutions.com/analytics/ 39 KB
40 KB 541ms
462ms Script
text/javascript 65.9.95.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ziftsolutions.com/analytics/8a9982be7a97ad83017a97b409b300b1.js

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-89.prg50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

41efb03115df0cd1aec6d2a3d54e1d5882e0e66dcfbb3387b17ee979acc19528

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn .ziftsolutions.com .staging.ziftone.com .ziftone.com .google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn .ziftsolutions.com s3.amazonaws.com .google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com .ziftsolutions.com .ziftone.com .getbee.io .googleapis.com .google-analytics.com .zdassets.com .googletagmanager.com .google.com .pendo.io browser-update.org static.zdassets.com s3.amazonaws.com .zopim.com .churnzero.net .marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn .ziftsolutions.com .ziftone.com .zift123.com .zendesk.com .zdassets.com .zopim.com wss://widget-mediator.zopim.com .churnzero.net .getbee.io .google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn .ziftsolutions.com .zift123.com .ziftone.com .looker.com .ziftmarcom.com .lenovo.com; object-src 'self' https: .ziftsolutions.com .ziftsolutions.com .zift123.com .ziftone.com .looker.com .ziftmarcom.com; frame-src 'self' https: .onserro.com .onserrodemo.com ziftsolutions.ccindex.cn .ziftsolutions.com .zift123.com .staging.ziftone.com .ziftone.com .looker.com .ziftmarcom.com .getbee.io .getbee.com; frame-ancestors 'self' https: .onserro.com .onserrodemo.com ziftsolutions.ccindex.cn .ziftsolutions.com .zift123.com .ziftone.com .looker.com .ziftmarcom.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
x-amz-version-id: 7AvEZe.lKvy5bggYYjoFBRM8wUPSoCKt
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
x-amz-request-id: EHAXB35M6VKHX7AT
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 39472
x-amz-id-2: QV6CX0kTpk9wvRiKmIj3tx4T28OSk3sTzJowhtLJGgDCRZHSAx/PHnn7UeeNE2hHvRhdskb076twCndOezhNKlFT5Z1mKkEQ86t231NePCY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Aug 2023 13:12:03 GMT
server: AmazonS3
x-amz-meta-channel-marketing-service: Zift Solutions
etag: "714ff1d0a691ad799db64acda7cde610"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: kxM7VDsWI7NRLct65qAm6byss-T3Y3x3-0QDGuxFF3hZ0DY55wPtFw==

GET
H3 200 dm-social-icons.ttf
static.cdn-website.com/fonts/social_icons/ 7 KB
5 KB 14ms
14ms Font
font/ttf 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/social_icons/dm-social-icons.ttf?v=xtwitter
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdb1ac36dd2829866f08390c3e81d461cb56d55d2560e64363492ffb5c3403fa

Request headers

Referer: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: SnRg4BCe_t8.mDksTi8_1rrWfeVHsdOl
content-encoding: gzip
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 03:51:19 GMT
age: 123770
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Aug 2023 13:17:02 GMT
server: AmazonS3
etag: W/"dc5859377b2ca918e132fce2532929d0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: FJ1iAB3cTwOGSsjTQMA32HyXeCbeSTBCJ3V7lAG9AlDUEmu_AK9lKg==

GET
H2 200 sp-2.0.0-dm-0.1.min.js Show response
d32hwlnfiv2gyn.cloudfront.net/ 49 KB
18 KB 82ms
24ms Script
application/javascript 65.9.94.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/sp-2.0.0-dm-0.1.min.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-26.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 05:03:40 GMT
x-amz-version-id: IZwYrapPL5STtMyaSYUvOnEvHgmJogqU
content-encoding: gzip
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5735429
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Mar 2022 08:45:42 GMT
server: AmazonS3
etag: W/"81ff203c31c9a3e5c15c5a790eebb460"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=6048000
x-amz-cf-id: D2C4niWFvQiUFJaYmnp596DFx7lPoNXNCfeeVjD2EvT5Cg_2TW46UQ==

GET
H2 200 lozad.min.js Show response
static.cdn-website.com/libs/lozad/1.15.0/ 3 KB
2 KB 14ms
13ms Script
text/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/lozad/1.15.0/lozad.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: _6SCyxVyLbypq6FqWKSVVeOJ5iX21EVE
content-encoding: br
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 14:28:30 GMT
x-amz-cf-pop: AMS58-P4
age: 603939
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 May 2020 08:00:59 GMT
server: AmazonS3
etag: W/"0af1d330e19fe2a0aa127e1709936c75"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: uYFGKuquZfJ13ppwCvqpTKUTq5mAyaWi9FZyQ21YF7EiOQlmklBNZA==

GET
H2 200 1g7ro6acc Show response
embed.tawk.to/62ceb9207b967b11799955fa/ 2 KB
795 B 467ms
466ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9467e711a5c66d65c92fa84b2eea6b146c01bf5fc72de45ffd5248cc2c08f19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
server: cloudflare
etag: W/"stable-v4-65839862293"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 840416100ad54db6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dm-common-icons.ttf
static.cdn-website.com/fonts/ 2 KB
3 KB 14ms
14ms Font
application/octet-stream 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/dm-common-icons.ttf?5f0fg
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0

Request headers

Referer: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: PqntK7H35YcTmkMvqWIJAJRdU.53YusY
date: Thu, 04 Jan 2024 04:55:53 GMT
via: 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
age: 165595
x-amz-cf-pop: AMS58-P4
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 2368
last-modified: Mon, 19 Aug 2019 11:53:23 GMT
server: AmazonS3
etag: "b71bfcb8a1c734ad0654e25cd41964f2"
vary: Origin
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: IqARpUnxvPi77S3EWMFlzY7VygxCQF9b1ArqWs_QUA__YnWSsFn3Gg==

GET
H2 200 cgmonetallc Show response
calendly.com/ Frame 3A68 6 KB
4 KB 476ms
456ms Document
text/html 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/external/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a704aa73eaf482d3533b5711f68fb5b9e8a33a17a22d85a21a035b76a068f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.cgmoneta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 840416104c081c36-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 14:14:09 GMT
link: <https://assets.calendly.com/assets/booking/css/booking-7c813771.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: a14a8abdb42dc853dd61e2cd189efe73
x-runtime: 0.230986

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0ZEPTZY19R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152012684-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cc186381f104da5fe30dc67456f17b97d0703ffdaf304dc0418bd11a046cdfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89505
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 14:14:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152012684-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jan 2024 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1551
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jan 2024 15:48:17 GMT

GET
H2 200 / Show response
core.service.elfsight.com/p/boot/ 4 KB
3 KB 222ms
188ms XHR
application/json 2606:4700:10::6816:455f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&w=d18275b4-c273-4fe7-b05d-ac700e0949ed

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6111dbcc6b2d40c346f9265818f75400050939fc0910bc7d0f3921e2ccfa884e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=0
x-dns-prefetch-control: on
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: unsafe-none
etag: W/"fcf-xvbkiGtb8jMTqFgj9/9LJS3e6Jg"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cgmoneta.com
origin-agent-cluster: ?1
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 840416107a5791db-FRA

GET
H3 200 12.6171cd9bfa2f9ae1aea3.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 59 KB
20 KB 16ms
15ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/12.6171cd9bfa2f9ae1aea3.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 888f11364e81b5de54f8bcfa5b1da31ae7f97ce41f77c1972528811e2cf35892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: 4YH9U6V9fEZu.FVQrHzGnU1GECTdYKjw
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"800b9b23acefac5d552d8e115bd9e570"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: zSiHviWRHOEr-lzC-V1bUfzsLp5eT-rg-Rv564W6BwLKHWGn2EQPtQ==

GET
H3 200 21.583f2d96326ff86e650d.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 4 KB
2 KB 15ms
15ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/21.583f2d96326ff86e650d.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b72f5e67cf7a44d3840970e60d44e395a79b37aee59f43d2143f91463af5c80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: OX2cb4Cci46dN2.39jLMhXGb6O10_UDV
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"861d099f6733945782dd8297aa180df7"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 7klZjBTSdMAE_rjPziX-SSD_Vpqv1JGP9mX-gwLjwI3ERqQJq7tjTA==

GET
H3 200 7.3b2f92fc36ac48f677cb.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 3 KB
2 KB 16ms
16ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/7.3b2f92fc36ac48f677cb.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d21d6512b1e852644a8dfc3e0635054083b4e58060e20d17ed955d18cd9df5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: X2mBJ2em_28uA7AyB_p2T51clj.jRylO
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"dc88dadf6380c0557529e13e13c25eea"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: KUjEUw2p5MjGhypHppL4sOaRuLSJFGs-8wFrqmJbwmSUpzgDNkV3Fw==

GET
H3 200 1.7ea1fab96e9c3e5ace05.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 62 KB
19 KB 15ms
15ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/1.7ea1fab96e9c3e5ace05.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59addd6541710bda3097d093e36bedfb1812c195445e8bd49c5f35df33262abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: 1pTF5wiYCXDmtqiSlLpTNr4jlIOPjXCL
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"ad145a39a00a88aa3c84ead303ad1855"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: av6ZXDDSMSArif347CutrbM85YKPmFIWexmumoH1YuF8dMvYXeBr0A==

GET
H3 200 6.527b9e6c5a24a3be8c9e.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 3 KB
1 KB 16ms
16ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/6.527b9e6c5a24a3be8c9e.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c38a8377590cd40c9e99dd615f8a964dcb3778b2fcc1fb56b826bb52d304f2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: _T.IcnRkmNU..4jNVXZSnC6O3RZZb8JS
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"a5954f3b557e5cf09c87ee3180b0fa00"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: K4x7fd18DI6A5EFcqieHOsQICjazonfF-Pd9o2FQfPJ-ZidIkoQTIA==

GET
H3 200 skrollr.min.js Show response
static.cdn-website.com/libs/bower-skrollr/ 12 KB
6 KB 14ms
14ms Script
text/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/bower-skrollr/skrollr.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 04xLqcAi1BJ2lpzw2II1Thpz7n9kiiRR
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 08:55:25 GMT
age: 105524
x-amz-cf-pop: AMS58-P4
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Dec 2019 10:41:33 GMT
server: AmazonS3
etag: W/"7a180f303bea26a3ef7edf53342e7afa"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 8HqiZZY8KDc93M-3cl43czs2-JXCTdyuETbqJwcXjt9ZesMNObFDWQ==

GET
H3 200 runtime-module-anchors.469dbb97917a54c88c2b.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 3 KB
1 KB 13ms
13ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/runtime-module-anchors.469dbb97917a54c88c2b.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c98e3d81d13a653b48a114769a6b2806be2b8a36262cf5b1b4ccdedbc22e4e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: Sg1tNahvgXAv0FupOxm2CaC6dVi3n48i
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"41986e4ab357ba72ce1c06b9d6457018"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ml8bCfm1g-I4_rQNgvSsu-aUOvS2L-aPSDF_t9bUGhPkWVQjmu8OCw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2226289%26time%3D1704377648759%26url%3Dhttps%253A%252F%252Fwww.cgmoneta.com%252Fa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQJWMdC...

0
265 B

165ms
150ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQJWMdCuIuBA-AAAAYzU0wmrGYbxhFhXxkSDPX7RCRwvRAMV1MbJqrC--oYbXY6_q1m18qL9cUw3scE60ldbiBIaid0mTQ
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CF30F728628A4A9AB3A9D630DA14C680 Ref B: FRAEDGE1315 Ref C: 2024-01-04T14:14:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOH1hgj/M6KJQRRkyp5g==

Redirect headers

date: Thu, 04 Jan 2024 14:14:08 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5314FEE43E7C4102846526FCD6F9949E Ref B: FRAEDGE2007 Ref C: 2024-01-04T14:14:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2226289&time=1704377648759&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&cookiesTest=true&liSync=true&e_ipv6=AQJWMdCuIuBA-AAAAYzU0wmrGYbxhFhXxkSDPX7RCRwvRAMV1MbJqrC--oYbXY6_q1m18qL9cUw3scE60ldbiBIaid0mTQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOH1hdq9xUmg6OQBaQoA==

GET
H3 200 3.f33b5b73ebba9f56b49b.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 124 KB
35 KB 15ms
15ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/3.f33b5b73ebba9f56b49b.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2019dd1a4024295a8f1bc1dc47fff7de74c19f566482e2775e04aaf041e9d71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: 0Lp2NKC6W3VlK71oECQnNf.XAHLGONZb
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"d9950d8bbc6781b77ae47e600062fc0a"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: zikxs8x4GZzUY6KhP8u2Mq9JCU8LuHWzYkiGRpLviVLKNL_vs6GUfQ==

GET
H3 200 4.80997778b901ad366c4c.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 29 KB
7 KB 16ms
16ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/4.80997778b901ad366c4c.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4445ac2ad3033e388507e63143292102d267d60ec29d23e1406e2fe975b7fe96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:18 GMT
x-amz-version-id: nliC694b.Hl.4nORzOVgskYQHMFICqQt
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345951
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"abb92a219c27392d91f51d0a5b122292"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: zpIuNo4PHgleIqguXrXSOmz-5pKSSQqW4PdkBA9bC6aUBOFbrWNRug==

GET
H2 200 i
d32hwlnfiv2gyn.cloudfront.net/ 37 B
395 B 437ms
437ms Image
image/gif 65.9.94.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/i?e=pv&page=ADHC%20Underpayments&dtm=1704377648766&tid=132772&vp=1600x1200&ds=1600x10153&vid=1&duid=93e021bdeea04130&p=web&tv=js-2.0.0&fp=3842461078&aid=74b8fd56&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&tna=cf&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-26.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
x-amz-version-id: null
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jul 2014 09:50:57 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "3eacd0132310ea44cad756b378a3bc07"
x-cache: Miss from cloudfront
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
x-amz-cf-id: FGhBWvzA1Iz6JFelxypyGuODCwb49hjgoXbl1N0-5rzY5eUptB1yfQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1344105963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&ul=en-us&de=UTF-8&dt=ADHC%20Underpayments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1112023987&gjid=1266789811&cid=1789402908.1704377649&tid=UA-152012684-1&_gid=1328242626.1704377649&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1095914431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 54ms
18ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152012684-1&cid=1789402908.1704377649&jid=1112023987&gjid=1266789811&_gid=1328242626.1704377649&_u=YGBACUAABAAAACAAI~&z=1909072367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 Jan 2024 14:14:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 metrics
rtc.multiscreensite.com/performance/ 0
0 102ms
101ms Fetch 3.222.32.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/21.583f2d96326ff86e650d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.32.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-32-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 14:14:09 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/performance/ Frame 0
0 331ms
102ms Preflight 3.222.32.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.32.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-32-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 04 Jan 2024 14:14:09 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0ZEPTZY19R&gtm=45je3bt0v882659074&_p=1704377648638&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1789402908.1704377649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704377648&sct=1&seg=0&dl=https%3A%2F%2Fwww.cgmoneta.com%2Fadhc-underpayments-client-intake-form&dt=ADHC%20Underpayments&en=page_view&_fv=2&_ss=2&_c=1&tfd=1908
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZEPTZY19R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 33ms
19ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0ZEPTZY19R&cid=1789402908.1704377649&gtm=45je3bt0v882659074&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZEPTZY19R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cgmoneta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 54ms
34ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0ZEPTZY19R&cid=1789402908.1704377649&gtm=45je3bt0v882659074&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1705182644

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 20.b49e17d42cf3d39d6755.js Show response
static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/ 4 KB
2 KB 14ms
13ms Script
application/javascript 18.239.69.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/20.b49e17d42cf3d39d6755.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b72ad127da3e5744f29c12b2a40a0165129ae00a7aa7dc32f1def9dae955fd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:08:19 GMT
x-amz-version-id: 0D4RV1VqEZpuIRu_ujHCMFtbmPQqSfr.
content-encoding: br
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
age: 345950
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Dec 2023 13:58:35 GMT
server: AmazonS3
etag: W/"0890809777c05c8221eda60ec1e0ecb0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 2C1cRX47koNYniCB7WKUKRxLdGKE5_Ixf_6oe8XC5Klrwb-zEzx7OA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 52ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152012684-1&cid=1789402908.1704377649&jid=1112023987&_u=YGBACUAABAAAACAAI~&z=826321430

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152012684-1&cid=1789402908.1704377649&jid=1112023987&_u=YGBACUAABAAAACAAI~&z=826321430

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 numberCounter.js Show response
static.elfsight.com/apps/number-counter/stable/e38d84a0fe2feeeab7f1991d1e7d207b745e8213/app/ 261 KB
85 KB 22ms
22ms Script
application/javascript 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/number-counter/stable/e38d84a0fe2feeeab7f1991d1e7d207b745e8213/app/numberCounter.js

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2af142cf880e42cc63699e631bbbbc2c16f9ecdb14b8310e5d70799567fed2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:08 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000e9cb8050b7800ab7-0065895325-536a3593-sfo2a
age: 2102
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Dec 2023 08:32:20 GMT
server: cloudflare
etag: W/"e9848f8805e0f253c38a87d81967f83f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 84041611a97e5d3a-FRA

GET
H2 200 app-number-counter-handshake.svg Show response
static.elfsight.com/icons/ 2 KB
1 KB 245ms
226ms XHR
image/svg+xml 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-number-counter-handshake.svg

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/number-counter/stable/e38d84a0fe2feeeab7f1991d1e7d207b745e8213/app/numberCounter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3f43f9e433cc7dcf72557510e28f069ec93162a399793e6610b7a7f97a70cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: tx00000dd48cad7b6da9de8-0065882a30-5369b237-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 11:44:06 GMT
server: cloudflare
etag: W/"8365d636afeadfb6db4349487819f546"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray: 840416122c843636-FRA

GET
H2 200 app-number-counter-coin.svg Show response
static.elfsight.com/icons/ 1007 B
661 B 377ms
361ms XHR
image/svg+xml 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-number-counter-coin.svg

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/number-counter/stable/e38d84a0fe2feeeab7f1991d1e7d207b745e8213/app/numberCounter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9e9ae956ffab2981f954cf29a01f69353508687b3d7f9696dc502155b2a569

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: tx0000093d352eb5e86ddbf-0065953a19-5369b237-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 12:02:44 GMT
server: cloudflare
etag: W/"ad06adc529ae39fd1db888f13182b5a7"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray: 840416122c873636-FRA

GET
H2 200 app-number-counter-graphic.svg Show response
static.elfsight.com/icons/ 916 B
903 B 213ms
198ms XHR
image/svg+xml 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-number-counter-graphic.svg

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/number-counter/stable/e38d84a0fe2feeeab7f1991d1e7d207b745e8213/app/numberCounter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb3a62140e15c0ae94ced7e32c1b9f373601371a313fe6f4836d993463f57204

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: tx000003d70a186653746b2-00659424b0-536a3593-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 12:02:45 GMT
server: cloudflare
etag: W/"a3101c9a376fc17a876d63b186da0848"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray: 840416122c863636-FRA

GET
H2 200 307e354361519220.ltr.css
static.canva.com/web/ Frame F723 94 KB
24 KB 57ms
28ms Stylesheet
text/css 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/307e354361519220.ltr.css

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec860a2bd7ea606d4b1573e5276be0d88d325b8a7d293929460e18eab30514fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46362
x-amz-request-id: 8SYSSBP3AT9MT0YS
x-amz-server-side-encryption: AES256
x-amz-version-id: GFTosdVUd44opHnTSZZIpEFDlDnvBo7i
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: f3RwPY29mJ/XGEXO8GkR5ujy30u/LDJUN4HmpR4h8SbYsPLjBvzPjA2IK31RYQVN7xVXluX3DHY=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:19 GMT
server: cloudflare
etag: W/"4196db53f971cc5dcf1086e0303d0a86"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AZV4KpStoqLTQBOJKddnHUIwC%2FS1FcxeSr8fFq7lgYVzjJpEKONOESLYbZNkPksOHWYUUMXqyGo%2BCYCcLSrzyUzVhFxEhnFWOu0cAELRUHXT%2Fl2gGzltgHC6YQpMWYCeCciI3ExPR8Lm6AGcGE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 840416124ed99273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 8787ae2d0713f31e.strings.js Show response
static.canva.com/web/ Frame F723 4 KB
3 KB 54ms
24ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/8787ae2d0713f31e.strings.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e2f45b3caeba8c96e1d3de4269cd3f410e29e40abaf5ae2f1fdfdbf628bc80

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 132602
x-amz-request-id: X8TBH8WAQQ0PMK2Z
x-amz-server-side-encryption: AES256
x-amz-version-id: 87OLrZxUzM4fMnJgwsIAj_dYN2akW.JY
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZkP6VpV+nB9CfkeDjnBEO6zUpurQWJa05t9L+3I2EQ18nRVEaH/BErVNIzlyh29ISyzBdykCS/4=
x-amz-expiration: expiry-date="Fri, 03 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Wed, 03 Jan 2024 01:14:21 GMT
server: cloudflare
etag: W/"3e759d23122401ffd38f355f0f998776"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FlPwxMnPmz2Slbp1MIwkeQAcFNUE5TFHRy55PlvXDcQ2M3W2B%2B28hZQnEhM8NaVuKNFlMZfMwC8E79pAqf2yFy1KxRTbAfDOCD4en7rl7GwRlaq4X9%2BrzyTelKvncdIAQqkjcH%2FqDI3Ly6e9Ig%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 840416124eda9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 9b5c5425be18295e.runtime.js Show response
static.canva.com/web/ Frame F723 17 KB
7 KB 62ms
33ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/9b5c5425be18295e.runtime.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

032d73b4379079c5e590ee47252a042cc4aa47e6fbd6792a3a6f35114a75a7c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46108
x-amz-request-id: 0E68V66M5J9ZD931
x-amz-server-side-encryption: AES256
x-amz-version-id: ndPm7LTREbgTGBN9lR5TISlIbxOTJ6Yi
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vUedkno4iu/2GzkP55vI7tBs/O9wEfV2S8gRZZqsB358TPWfVSSpWaYDdSP6sqLMB/aPcqBVcN4=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:20 GMT
server: cloudflare
etag: W/"34a6a4362fe79daa92e8c36d5a51cd16"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fguBQD3RfZoVSdnKOUaDvgK7cDSueiFLXk%2BTMLsGGZfR%2BaSdQx%2BPQGxEWR3mjuFUODQe%2BC%2BrkNIw%2F8WWdJhQ3GG8r3bskbTeYnC1k5gOXsozJq3d0jpJTVcRfPQINu7XYw3bO28HkHby2XJDQAg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 840416124edc9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 fd7d0bdee2bdc049.vendor.js Show response
static.canva.com/web/ Frame F723 202 KB
66 KB 52ms
22ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/fd7d0bdee2bdc049.vendor.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb56f03f1f14f412565f7750d2e602932e99da1716836842deb3fce25815868

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 4454983
x-amz-request-id: 01D8SS83JRYG8V7C
x-amz-server-side-encryption: AES256
x-amz-version-id: f9EmtQnKRTbZXL9ZsDwoYnt4I0g6qC8i
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: r/EOhqSMtABiiT1DJgW1nqXIluIkaWxsVqqeUFNRtS5McRHeixK7T5yL5N0ZiG+O5MM4JXh8HuI=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:24:59 GMT
server: cloudflare
etag: W/"bf373ce750acde1457b213352c091f0f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJxZ%2FtFgkGLgO%2Ff6m2HKRzkKIYWgRbpjMbUHqu3XEypBflB29IoXcoPwnq6hX6ccVGQ3iSgReovBnB6GWQrt3%2F3b43YSgmsXZOToI34QKvnRRbWHbVqbnCx3nPfUhm2ZT0BLoj2Bn7xjV2uSGj8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 840416124ede9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 e14880e117af3c6e.vendor.js Show response
static.canva.com/web/ Frame F723 160 KB
51 KB 54ms
25ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/e14880e117af3c6e.vendor.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b79f2d6a7ce7b96781d64c0034832738a8e3b3663d74801b30f0cd4c2175a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 1429285
x-amz-request-id: PKXXB72XRDCXTZM6
x-amz-server-side-encryption: AES256
x-amz-version-id: NKpgncPAeKm2iYxVD.gC1C3uvCADCdn_
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TdIvbfs/pqhNJRt2KIAzut/1pwNPTj3wWq0ffwCeiD+wHkrD/BBPz9CaHwccX4D0NHojW5964qo=
x-amz-expiration: expiry-date="Thu, 19 Dec 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 19 Dec 2023 01:04:21 GMT
server: cloudflare
etag: W/"4e6fd483cc2fd615097f6e69aaf5a89a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubiof6Hevr1Qq%2Bp5hMtoc7qe4VSw3ip9QncaMW6gjVBKP20rg%2BOmzpARY2fUJvzIjjmcPF5UOpvwFksklgUO%2BO%2FXySnwMouQ26SZqYPIKdKW9YhUboWB2kD11OXzK5w0ALS2ptytjlLH0HFQ1Fc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 840416124edb9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 2f20436accaa69f1.js Show response
static.canva.com/web/ Frame F723 1 MB
391 KB 62ms
32ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/2f20436accaa69f1.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f28a69786f743cf01c9d6e37a91b9990c412d6fc731d4afff7decb89fa2368

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46108
x-amz-request-id: 9YC40G5G8983PKVC
x-amz-server-side-encryption: AES256
x-amz-version-id: xfQ6UKSb.nFF0dwW9VsGwO2WzvDL9c9a
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nqLmZBfPtl67N95ghv1rS6e0I4fvw4OdFScVuAflK6A9aEu7kRIvQcXu3wOVaRTfZh1As8v3tgY=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:19 GMT
server: cloudflare
etag: W/"7f431c513fab73e944894298e86d1bac"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpju9ZBg4l67dCXx3J082nJJ94BKn%2BWSrois%2FcXz2xg9DmNcrPWEaUsjkqjVfAryklwsutI1wHjq6JjGe3sRA4H1NC0oQzIgEjTaHUmo68n5V%2BYVMhjr1WnYUzBy4Is6McFiijaZX9QMEodkUw8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 840416124edd9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 7.16.0.min.js Show response
static.canva.com/static/lib/sentry/ Frame F723 54 KB
20 KB 36ms
24ms Script
application/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/static/lib/sentry/7.16.0.min.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6de703f8ee214808496dcd92795ac8971782935ed75abdd5624c814e69daaea

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 4972675
x-amz-request-id: M7BB2XT7KYE9RC4M
x-amz-server-side-encryption: AES256
x-amz-version-id: 7Y.eDQVdH_1a1Q9tppJ5zLqjHXQ7moAO
content-encoding: br
x-amz-meta-vary: Origin
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wxvsu73NjGvyoD0LKY5GTXcKMYeLItyOpv3pCyVbu/iRvGOkfFxjdhpzQ23V47NgXfFgz0pePsw=
last-modified: Mon, 11 Sep 2023 23:43:07 GMT
server: cloudflare
etag: W/"6dc1cce8077783c3610fe0d0c263e0b4"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F66ZL9Tf0N4YZXkeQVCek4j94DsKPeNIJ4cGPUH4WkuJDVlWB4HJ5uUTQLfdC1yt5bf9qRFKvooNr2Ownfwk284DjxeVDLI4ihANv%2FKjqGiXFmOTFN2CIMk72dLWwrGU2z5MNkiacWg9HEgpqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31556926
cf-ray: 840416123da990ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame F723 20 KB
7 KB 57ms
42ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8404161238893a91-FRA

POST
H2 200 / Show response
o13855.ingest.sentry.io/api/6081839/envelope/ Frame F723 2 B
324 B 49ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o13855.ingest.sentry.io/api/6081839/envelope/?sentry_key=3daf58e34a9945fe9c5defceb4bfcb59&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o13855.ingest.sentry.io/api/6081839/envelope/ Frame F723 2 B
57 B 11ms
11ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o13855.ingest.sentry.io/api/6081839/envelope/?sentry_key=3daf58e34a9945fe9c5defceb4bfcb59&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o13855.ingest.sentry.io/api/6081839/envelope/ Frame F723 2 B
57 B 10ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o13855.ingest.sentry.io/api/6081839/envelope/?sentry_key=3daf58e34a9945fe9c5defceb4bfcb59&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 cd0b6749f6f7dd51.js Show response
static.canva.com/web/ Frame F723 7 KB
4 KB 26ms
25ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/cd0b6749f6f7dd51.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/9b5c5425be18295e.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c44317c998f6c63d299352e52ac189e563167efb05a0f7302d39744b77ebea8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46018
x-amz-request-id: 0E6F4K4FWJRSVHQY
x-amz-server-side-encryption: AES256
x-amz-version-id: AuqoYHKCUAMLtxC9lHKkrw420BeKeBJi
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oL02Huv5cKiX6A8x3zXBA4el0zlIHk/OXZcE51ofizx4LHedAIpbrypCeBfTZD8+OmlBN2SypDo=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:21 GMT
server: cloudflare
etag: W/"68e288f4936ce18362c08f67159c02ef"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qRV7n%2Fv1WgmwarxaUEIR%2BqU4VL8zlCsBqQY1KHjiN6wGXY9qTAWLsoyX0%2BzDftR3MFePYUj36n66ZIw%2BZ3snq8g8gV11SkkdIoqqcCtqrqbTfmiPHbC5iI0E9LUhvVKII7nDMcYxJ3%2FVbhbTZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 840416134e6e90ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 710014359820a03b.js Show response
static.canva.com/web/ Frame F723 5 KB
3 KB 28ms
28ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/710014359820a03b.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/9b5c5425be18295e.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6ce7ed2f957c5973407c566c3bde76ee0c33b6cef301e6e9cf079b15c75d0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46018
x-amz-request-id: JJSBTX380Z39YCHG
x-amz-server-side-encryption: AES256
x-amz-version-id: h3dF8fgpwga0pTYuScO90CNJuEeRKkKJ
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GqXzc0bS7HUbx6XbykyeUmhK8sHOE3wSRJunrbak1AgFID5YWUFphVcyQPNktPBVC8j5JjhzXM4=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:20 GMT
server: cloudflare
etag: W/"99a40112dab6bf0bd873251fe36a758a"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFL9aJOZ7%2FuHbnGZM3Zov0Oh8stoNJb6piWitTcasUm6JGnE3dxyEOn15uq5hUyoR%2BVjMTS%2BOARw2kBduoOntX21bqmrBKZGAu96YCcGsEhFhMGWnWGqANZ2fGr29fKFHy4IGnin%2BuEQPBA6znc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 840416134e6f90ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 65f7837e9e1797b2.vendor.js Show response
static.canva.com/web/ Frame F723 91 KB
32 KB 26ms
26ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/65f7837e9e1797b2.vendor.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/9b5c5425be18295e.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd885fd2c15f6d7991ceb02e1196bd63e9fd2992d65c2bc3b332fbd626336455

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 4453907
x-amz-request-id: 1CKAKGBRZMCN6X94
x-amz-server-side-encryption: AES256
x-amz-version-id: upmt.LKnt0BNlu52jYy6m2lrwh73mgCF
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EM7VisSBqdAngjePcKweLYro2/o1wrwy7tnuYqujD9Mecj6Uvje65wz9Q/567OJYiGuoDDad7rI=
x-amz-expiration: expiry-date="Thu, 14 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 14 Nov 2023 00:51:16 GMT
server: cloudflare
etag: W/"2a96e3c665278489d83115a03982f907"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYS66lAZGIhKlAkAGQGoSgUeiQGTr%2F6Ptf5oRwJ1GCQhiw7p1YhD0HLNBbkUGPfcuA6fL1A9GLjMLRcfdQcc5FqukPlle%2BJWbjcT1y9xLHY8CN%2FWebPc7bJPGOKZdCVxWbBXbPC4HRhr2aHTTSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 840416134e7190ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 c085a8aafd041ffa.ltr.css
static.canva.com/web/ Frame F723 544 B
1 KB 27ms
27ms Stylesheet
text/css 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/c085a8aafd041ffa.ltr.css

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/9b5c5425be18295e.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702fbc7df28b5e475184aa63bae93fd2d686053455a7e359c71ca560c3f1ff78

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 2973279
x-amz-request-id: 1022VTCWW07F3KWB
x-amz-server-side-encryption: AES256
x-amz-version-id: 702WaBWo2D9D8p_5Ul56yR7DNS99tBFH
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LT5D+h4PpNsVzAHNlDH/xN7u2RV0MfkZdNgFU8C6juXah0/tq/cOOxNvVDBBVKx2ougKXJmb0lA=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:25:12 GMT
server: cloudflare
etag: W/"7e390885a27dc43d1f08a1ae043fca3f"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tx7bwmvrbuACAQu3sof52h4pXTi7dMetWK7UMwy1AeSeTd0ya8qfc8fM%2B5I8yuOXKPLtN0EE06Da%2BZjHFbj7yHS9PrHkWuyrKchcQ6ev5nJ4aSu%2B3gDwFBpfDdTFwqS4nY96NXQS0sMx5EaBZNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31556926
cf-ray: 840416134e7490ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 156ea0279d15754b.js Show response
static.canva.com/web/ Frame F723 12 KB
5 KB 28ms
28ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/156ea0279d15754b.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/9b5c5425be18295e.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f670086cdf147a14d8a38f7da8aeb55823916f04aacabfa11f95508789c0cf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46106
x-amz-request-id: 9YC9JH9KA4S2ZMM1
x-amz-server-side-encryption: AES256
x-amz-version-id: 05gxR.wWOEJz_45o461phUNKgP9DXYs9
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oLSEfrAf6ECK37560awlhNlapT9drbDsYy85qHLKSqDlCTUVZIzovYv94W8P6Y1qEPzi66mme3M=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:19 GMT
server: cloudflare
etag: W/"dc729119ea2a6935df52dfba9aa9b24e"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhTwY5o0lp5YMQN2oPTy3ddBDJGJEzEIBMnAOWPocTByedPFHNajgx4E%2BA3t7xICilmhVfnrzymumw9Tx9WbEDSuRBAVieEK%2Bv%2FZIbAaOgtWL9sZr4YLwYsyjmIDyIVKWqqTo8%2BIRe0AApos8YA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 840416134e7690ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 e8db21cab7d070e8.js Show response
static.canva.com/web/ Frame F723 18 KB
7 KB 29ms
29ms Script
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/e8db21cab7d070e8.js

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/9b5c5425be18295e.runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42221f444077a949193481b1557731609989babddf5ad7e6fc222f1b377e8932

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 46106
x-amz-request-id: 9XHSC6DH69Y1F2EV
x-amz-server-side-encryption: AES256
x-amz-version-id: H_K7jLRoVU1pEm289tNkC4Td_AmnzCzo
content-encoding: br
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: luhkjjys+jNbyOhbd6aC3+EDRHeqaAModfzzItw/yHFfTGcCuqAapL4I6fXJhtXDRu1DciQu9/U=
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Thu, 04 Jan 2024 01:16:21 GMT
server: cloudflare
etag: W/"7de379c524962ec684d76fd9bec30835"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVdmHAAG3wcr2l%2BcbPCfkvZhJtu8Bta1KQ6Qq0SrJiLIyX2Pa3Z3QirlSreZX67vb5TBazPNkL9mobq%2FrC%2FRuO60ClBVpNHeasNod93i%2FGMHVCh34xiZyfCaZhnRa4o3SyHT0DjSc0OLeUJ3TFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31556926
cf-ray: 840416134e7790ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 b46630e470f4040eba7033cf2435edce.woff
static.canva.com/web/images/ Frame F723 1 KB
2 KB 23ms
23ms Font
font/woff 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/images/b46630e470f4040eba7033cf2435edce.woff

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/307e354361519220.ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e32aea52247a81c38b4735e84a28ba27b0cbc33f007a1d14e81e64ba766eadd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.canva.com/web/307e354361519220.ltr.css
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 5052913
x-amz-request-id: 01D4VZWWTKED076R
x-amz-server-side-encryption: AES256
x-amz-version-id: NUSydBz2WYWgqHaWeiFtnSpkR3n4elJJ
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1136
x-amz-id-2: k2H87VUt542UmTlPEZx8DRHJuiXlJvCIrETZHSPzPClpSQM0CL3Kz1ZZcX8UP3IOq9Y5BjLdHNs=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:52:14 GMT
server: cloudflare
etag: "b46630e470f4040eba7033cf2435edce"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADlZXhk8NRd7bMfSWJ%2FQVA0%2ByU3YfYfljF6VXUK%2Fcljy2TOQd5zG8kGYl07Kh9PfxS%2Fo4Ma8bgUcNXq5Kxpoys0uRhLGZ9pJ%2F5Ekg38F8ncxqq0YYnDu7IRWCD3oHjExYEEdfm5tetna%2Bn%2FQvgM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041613dfba9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 31ed695fc889d00593852e4078080fe8.css
font-public.canva.com/_fb/s/ Frame F723 34 KB
2 KB 46ms
28ms Stylesheet
text/css 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/_fb/s/31ed695fc889d00593852e4078080fe8.css

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/2f20436accaa69f1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587e53033e66207407f9108a4f3aee7827cc50a0de5a64ec769c75fd47f90a90

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 3144203
x-amz-request-id: J3HE4PJQYPCB2WSM
x-amz-server-side-encryption: AES256
x-amz-version-id: vyr5_vt3y3tjZ_s2yxmwfnXM1Qv8Xk8f
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: q4o2Eq4670/JqF02fmQanZHQGHNBf+Zqb4QfpaXiJ91u1yGuP1TRWj5ljmvcKgWbY557HL5+r0o=
last-modified: Mon, 13 Mar 2023 08:11:23 GMT
server: cloudflare
etag: W/"46d87b5a7661e0529b44aca65fbdef86"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdyQcW1g3tGN06e60J7qYi4DFDiPPNwnQQZXzhu27%2FioNDHJMrTrICr3AswF8l6i1asdajyugyyrHl6HG53o2b8XIUWLfRyb94Rj9dSxZRJEPtYBUnTrQM1thue4AE%2BRbvfP2ykYkUBcXoZ12dT%2FXO0VPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 840416140f2490ec-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 14:14:09 GMT

GET
H3

200

main.js Show response
www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 6720
Redirect Chain

https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

14ms
13ms

Script
application/javascript

2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be86c1213ce98f6bb2c97258ed2afefde36041258852f9460c83ac88270aed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yINNILtK1ES0aGC3djTLBT1HMoCX%2BpzGpcnXHNs9jBAF6vwuJoDj%2FJf%2FjEcj%2FM5xp8HvAUeMdvVWuhb%2BRk1OtebyqbYYFd3PfzLZ6Z7kW36z%2BeCH4bodbiRAbGYVZVGMC5UVc%2FJeSs16Bts%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84041614aeac2bd9-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1vTQuVviDPnhqNQufDzNI8V2NX%2FjcJr0Qh6C2j3YjkcgRd5LowyxFgRIIXCrvWc99KVLhH2bGPC5KDsLR6pWMQcjO%2FNucd%2BXuR1uEXC9XsI438hTHwwQQxBdLpna1VTqKy7kRlKNGTDOpg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 84041613fe232bd9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 booking-7c813771.css
assets.calendly.com/assets/booking/css/ Frame 3A68 321 KB
165 KB 183ms
183ms Stylesheet
text/css 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/css/booking-7c813771.css

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e262d9074dcb017c9104a3f9e261a75ef85cc9f1cddf45738186771b633400a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 79486
cf-polished: origSize=346523
last-modified: Wed, 03 Jan 2024 16:03:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6f857fb02d52986f4dbd1b7ee65d1b0b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 840416141f551c36-FRA
expires: Fri, 05 Jan 2024 14:14:09 GMT

GET
H2 200 booking-runtime-838aa5fe.js Show response
assets.calendly.com/assets/booking/js/ Frame 3A68 10 KB
3 KB 179ms
179ms Script
application/javascript 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/booking-runtime-838aa5fe.js

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313ba33d88f1598dcbeb16679bde5629c48ddb2f42888619a6b9172600440abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 79529
cf-polished: origSize=19531
last-modified: Wed, 03 Jan 2024 16:03:22 GMT
cf-bgj: minify
server: cloudflare
etag: W/"c53009dd8e24495b6704e47c0e3abb08"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 840416141f581c36-FRA
expires: Fri, 05 Jan 2024 14:14:09 GMT

GET
H2 200 booking-6df208fe.js Show response
assets.calendly.com/assets/booking/js/ Frame 3A68 2 MB
451 KB 113ms
113ms Script
application/javascript 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Requested by

Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a93c699753b0524b85e9854d322063165a64a12ebce12ec8ea6a82f6234b999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 159258
cf-polished: origSize=1707838
last-modified: Tue, 02 Jan 2024 17:54:32 GMT
cf-bgj: minify
server: cloudflare
etag: W/"ad56363590015bf54c6f00370201d559"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84041614aff51c36-FRA
expires: Fri, 05 Jan 2024 14:14:09 GMT

GET
H3 200 cff149ee1e9d2be50ac77bcd86769d05.woff2
static.canva.com/web/images/ Frame F723 38 KB
39 KB 42ms
41ms Font
font/woff2 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.canva.com/web/images/cff149ee1e9d2be50ac77bcd86769d05.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84de7e52d68bd3b651219e7085236babc85a0c7c79f21a14f0cdddbd0fb4b4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_static
age: 4772083
x-amz-request-id: 01D057MNANK2RT9N
x-amz-server-side-encryption: AES256
x-amz-version-id: YEA5eo3Fp8S09b5bD2ry0YglfxfscDWG
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 38848
x-amz-id-2: hPRQeOnQsYApHeYUx2c6Q5SUrV52JbLAvC5kjD7aIXwfjGzOsIdfm9RLntytMZu52MtHqSVj8cQ=
x-amz-expiration: expiry-date="Thu, 07 Nov 2024 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified: Tue, 07 Nov 2023 01:52:17 GMT
server: cloudflare
etag: "cff149ee1e9d2be50ac77bcd86769d05"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZLLRX6M1CdYSHrJmAGKHSseIdMj088PsNkKVWEamW5tNArBvAy6Y2URLPr6o98zXLMpIhSBVX%2Bav7T%2Fwr6JLVKUEQ%2Fuv6zRKvEcpcY6pBxtlDXfMdX4ewH79gRcVgEraG78vnD4yFrC2XYZ4gg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 840416143fdf5d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 CanvaSans-Regular.592419fd53b74a78d4ae9d.4377ff44aa925d2cc65596b765a8219b.woff2
font-public.canva.com/YAFLd8sKbwc/0/ Frame F723 33 KB
34 KB 28ms
27ms Font
application/octet-stream 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/YAFLd8sKbwc/0/CanvaSans-Regular.592419fd53b74a78d4ae9d.4377ff44aa925d2cc65596b765a8219b.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79479236fb92f5507db8d2f7230c48b27f6609354ace7c26e1e32a04ed0f806

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 4809068
x-amz-request-id: 01DEWN5GZ6Q9CN9J
x-amz-server-side-encryption: AES256
x-amz-version-id: H5Ul9mCzHlDJ_38WE3WffAQfMBAmdYh1
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 34060
x-amz-id-2: bSbjn8KrvCawsuorcJwu+UJWnWMLsbR99bblBdXdFmvJvdoqRY8Z2ctsgy01DyOoNyCgdCL8sPU=
last-modified: Tue, 06 Sep 2022 15:12:16 GMT
server: cloudflare
etag: "4f7938cd9af5c416074a166cef004afe"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTr9KGtNCEMO3s55YGP%2B84YDXdUVqY%2BQ2xQVZ0izZ6WbsuxhPfT9si0SF%2FwpvWHA4albUyPwRNDyjjyaj%2BA6KetwJvluqh1sChjvfq2%2BszVjQunYgjsQ0m9IIL1NCMIiv9wIJ8gn%2B44G%2BIR1fLS0Ae9igQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8404161438059273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 14:14:09 GMT

GET
H2 200 DMSans-Bold.d58362f669e7edb1830e89940d4c.9340013c7d177c83df1edab0cf96ac10.woff2
font-public.canva.com/YAD1aU3sLnI/0/ Frame F723 30 KB
32 KB 29ms
28ms Font
application/octet-stream 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/YAD1aU3sLnI/0/DMSans-Bold.d58362f669e7edb1830e89940d4c.9340013c7d177c83df1edab0cf96ac10.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d7912e30cca1831cdf2e9270ba71f9a540e37f3dd989585df54e7906537e97

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 2982866
x-amz-request-id: 01DFA3AQXNWG4SMV
x-amz-server-side-encryption: AES256
x-amz-version-id: cR9PjYWTeCYiyHB65lZGH6XWhqpUZxtF
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 30896
x-amz-id-2: YeiTiNc+Ud3iN9iO4A4qR/IVfSOEEQMPcrl5a8mec8Mhev1CV2POZ23znE2RA/FlNf3EA3Db8RA=
last-modified: Tue, 22 Dec 2020 02:13:31 GMT
server: cloudflare
etag: "27449286fd05812a3f253c751e54d3bd"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPxyeZJY%2B0aEmHfe6YdMFergLhhVtLkASY0vbdpb6LBREfB2hXth8CDXkXXFNe0wytfY%2BIkH6CCE1NxmAagb%2B%2F6m6SjvEnF%2FlMgCe6J1ntBRKdv6pFQvsMgAlE8bWliiIaJHp%2BpHCdehp9zsbkLs2u9Okg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8404161438019273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 14:14:09 GMT

GET
H2 200 DMSans-Regular.f8f3e3f30371f4c7c1589b491.8f7934b3d45567e9cf1f541e008969a9.woff2
font-public.canva.com/YAD1aU3sLnI/0/ Frame F723 30 KB
32 KB 24ms
23ms Font
application/octet-stream 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://font-public.canva.com/YAD1aU3sLnI/0/DMSans-Regular.f8f3e3f30371f4c7c1589b491.8f7934b3d45567e9cf1f541e008969a9.woff2

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bda2b2d1219e31125f948d0e43e3d45980db9184b1224e08c9ac0fcc871dfbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_font-public
age: 4949938
x-amz-request-id: 01DC8HZX2NJ9VAJD
x-amz-server-side-encryption: AES256
x-amz-version-id: 5EVbT.aWeZp78OZcpbJA9kAD1S6FqQSW
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 31076
x-amz-id-2: 0PLTZSrAgZ7irfhBAVLHV04rP4jRWqZ+2Nhyhh8/N3qVOafIci8AGtLHb1qe1i9wSTYl10qtZ6Q=
last-modified: Tue, 22 Dec 2020 02:13:29 GMT
server: cloudflare
etag: "3807552d3159af9d0cced5dbfd5dfa15"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pS6nbqgFdnimKwhROMmwy5kum%2Bt19dy39npAO53GikbP7rgRjUN7aOgzTdZdWzFZbCrmCNeKR4afWz6I96C3Z02n2YBIEKQD6GlCRtouyHTeoQIlIJinE2lIdZV%2FOxbra6Q1iJVRjanu8HNq6DIMMTQbnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8404161438049273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 14:14:09 GMT

GET
H2 200 s.svg
media-public.canva.com/qvxnI/MAExcVqvxnI/1/ Frame F723 1 KB
1 KB 49ms
33ms Image
image/svg+xml 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/qvxnI/MAExcVqvxnI/1/s.svg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f77e0cb05e32cc652c3937a0b34e52567cf37401d9a801ca3f50239033272

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
age: 3067671
x-amz-request-id: VSX7BE635Y2TSGNM
x-amz-server-side-encryption: AES256
x-amz-version-id: 3sdByYq3O1jvqxGowK_O5W4.w99yt_fc
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CjylPDRs9ai8knSUAp5UoqsFqXu9DD9mYnUfKNCvFQVozmiMcXKxCBMhGpCMhYNoBbHpEmY38iM=
last-modified: Fri, 03 Dec 2021 01:36:04 GMT
server: cloudflare
etag: W/"15fc526f08abc3a58f651561e284eefa"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEd134Fnc7drWY8jOib8EZeVLH58muW5j4WhxJEQh2dlWDHIKa7liFdyQm0efvRNyzBLCbkxbyc7U1mKRZshjb40IbEBbgXP91MBUJMFfWrNG3%2Bgnh5FIYIbhvoKWxoriCjfX7hHj07h6gmjWvjw%2BJlcVIU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614b8529273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 s.jpg
media-private.canva.com/WAOeg/MADzNqWAOeg/1/ Frame F723 114 KB
116 KB 238ms
222ms Image
image/jpeg 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-private.canva.com/WAOeg/MADzNqWAOeg/1/s.jpg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJWF6QO3UH4PAAJ6Q%2F20240104%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240104T120504Z&X-Amz-Expires=23550&X-Amz-Signature=62854997b9aa7b1de932f6b14a020b3d246957bfbcea12a31e25afca94dac226&X-Amz-SignedHeaders=host%3Bx-amz-expected-bucket-owner&response-expires=Thu%2C%2004%20Jan%202024%2018%3A37%3A34%20GMT

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154a9fab4c86a78b1af9128c9481b0459f7cc73cd56121e5be02d7cdd691987b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: Z03RS957S9CM2MRN
x-amz-server-side-encryption: AES256
x-amz-version-id: 9U7Z7FX2RgA68xaOpz3QNTE61rQc29ne
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 117190
x-amz-id-2: HLMKU72dpexayfxUo3OcL7O3oUHAIdPp1ppkHj4MgdgYeCxuF4zOYsYOQnYvkFrMJlyu7H8ZHKA=
last-modified: Sat, 08 Feb 2020 06:58:18 GMT
server: cloudflare
etag: "4bbe59351e3442c4ed48a58d9e312969"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5bqp%2B6QSuuiLimQk4dNm7JAREY%2BD4Dih8iVzm%2FrVUmfRIWMUaI97SPs81VKLIAgTlzXrHe2712shr0ufst2KtNwh4DBuKKxuSHbhFBCl%2By%2BPHrCs1dvqoQrNqbDwsqt1M%2FVdi%2FQqij5Q78u%2BqaiY7cBw4uS"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041614b8589273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 t.jpg
media-public.canva.com/WAOeg/MADzNqWAOeg/1/ Frame F723 5 KB
6 KB 48ms
32ms Image
image/jpeg 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/WAOeg/MADzNqWAOeg/1/t.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e49fda2bd85b11f009159efaac08b9a1f96441ca81c6f0f420bbc01a6488b48

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
x-amz-request-id: G2MBNV75MV57Q69A
cf-polished: degrade=85, origSize=12544, status=webp_bigger
x-amz-version-id: 5ItWO1J6wOwFACREO6mvnSycsU3xoifT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 5246
x-amz-id-2: qtzaQN7sXZfQICxgO7p6Y2G1FCfRTSbbcNHMIk5Fza+RpR0pyJOvGWq4ujadNSvlAJAuX3Jeuds=
last-modified: Sat, 08 Feb 2020 06:58:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f25a6b0d54c0e5c13b7f27f9b9573370"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRO%2BHik3VTjsQuS94S3Uv0z%2BvHagIKtw%2FWYlOLpgPnphO7wjUk%2FPf2sktMYnFZAkAIhs6bWH26l1dw6hBAJrHDrLWNlT8Ajy5h4M6H4Lu528e7MZhAW0AY4UhJ5s2x9k%2BM4PrCe77RJIl8TMerVLENg%2FM8k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041614b8519273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 s.jpg
media-public.canva.com/-Dv_Y/MAEJnx-Dv_Y/1/ Frame F723 27 KB
28 KB 47ms
31ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/-Dv_Y/MAEJnx-Dv_Y/1/s.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f27577dcfd3d4bccab15c4798d218e9be30ed9ed5adacf4cbf5b686fd3ffb92

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
age: 452474
x-amz-request-id: 0YVCK7KB3DEFRA8N
cf-polished: qual=85, origFmt=jpeg, origSize=106011
x-amz-server-side-encryption: AES256
x-amz-version-id: kVzQfeJrYqpXMPUnpbee_O9aAisqu_X0
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="s.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27914
x-amz-id-2: aveFjfxLgXzsp5DNlCgP+AgtECGmuGLsRTy4gpR4wBDezFPaTY0P0a9T7pFLxzc9IV+rXz1XvUg=
last-modified: Sun, 04 Oct 2020 08:26:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "27c6c768be0e9907675d6e6ebb4553aa"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkztUtIc1fDOnCsTUDBOtPGPnFvARNAIaOa3jDEih290zx5M1sVdhGjkyKA8wpm8%2BrKJ2KYwr%2BOAW8ODnET%2Fy3aXRT%2BeDaooqefirPq9U1RAA8zrFSZFEJMSEUj9Aq7Kw63%2FROJ4DRaEoWRMxf13GoWYXv4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041614b8539273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 t.jpg
media-public.canva.com/-Dv_Y/MAEJnx-Dv_Y/1/ Frame F723 5 KB
6 KB 50ms
35ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/-Dv_Y/MAEJnx-Dv_Y/1/t.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398a621206860aac599d63c3049386b237a84dee633b783c5dbcabcf5db091fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
x-amz-request-id: 9EG7JK6VB91F3V3R
cf-polished: qual=85, origFmt=jpeg, origSize=30144
x-amz-server-side-encryption: AES256
x-amz-version-id: 442RgEP241my6Zt0R5Y_vAi5JxAyrP1J
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="t.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4726
x-amz-id-2: BFuV9i5YM2bKDloDMVBqBSA7bAqE7HYmi+zt0+JSE3uaf31x1I890UxDpG5tj/GdaLrBQb34itU=
last-modified: Sun, 04 Oct 2020 08:26:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "22ce1f5dae7fa8649f643d9ed1691c79"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BSNRupHWiIzFXMt1jzd6M2GwyE4GlDtgLUYfVv89TTA9OtKYfv1VOVOpYsGAtorqZtn1ns1r3h0T6GZP94oYWUq2EzmiaFnNs%2B0XVU%2F6MHx99XwQPmRk0ZdZKk5Uu5Jw2kqiTO%2B2Lpn2IlxTRlT5LBgJBI%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 84041614b8559273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 s-1.svg
media-public.canva.com/iAtE8/MAFBf2iAtE8/1/ Frame F723 31 KB
12 KB 71ms
56ms Image
image/svg+xml 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/iAtE8/MAFBf2iAtE8/1/s-1.svg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff6acb5388dd1b2527f81a3ceec1b1544964f9bfab7738ebfef7f7dc36ff6a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
x-amz-request-id: E629BSTXGD3KGHY7
x-amz-server-side-encryption: AES256
x-amz-version-id: onza0NMh_LJ_4qeIgKLjAbHkSWscmwL.
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CcjZ7NHyXcUiT9j2fKZNWFqBSLryNnrx+raGLx9b4k4vcSRhTgL4DK/7e2ivEQv+iDKQe2JSbm4=
last-modified: Mon, 23 May 2022 07:02:55 GMT
server: cloudflare
etag: W/"bc72fd48c737c39ab2bfb6f86d09f9a8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FKMddkElxLVXakRhcMwqjUabCfBiU9Hh5IZuI62cK96WXV8Nw%2BlqHhvqMe5B6bmIoqZf53bZgE0RabUG2zmGTTt82jt1aC34qCnGMRqDhEcaWnhqdUtHd8U01A7bWJk5V0TVMbVyQxyR%2FUJnbQzBViIzfM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614b8569273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 s.png
media-private.canva.com/4OeU8/MAEngo4OeU8/1/ Frame F723 14 KB
15 KB 52ms
36ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-private.canva.com/4OeU8/MAEngo4OeU8/1/s.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJWF6QO3UH4PAAJ6Q%2F20240103%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240103T181837Z&X-Amz-Expires=86470&X-Amz-Signature=8c1f88b51209882ee9d95d6b7d5cb15dc374461d155bcfe6a8585fd272d72e40&X-Amz-SignedHeaders=host%3Bx-amz-expected-bucket-owner&response-expires=Thu%2C%2004%20Jan%202024%2018%3A19%3A47%20GMT

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5867f796cb157cda1c92a5d08899f9313c2cb4b4bec37c4e06cf7d8ad57a4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: 31EC2NC6B8HJKAM0
cf-polished: origFmt=png, origSize=21692
x-amz-server-side-encryption: AES256
x-amz-version-id: CE4eq0emIGYve2ONHzxq2tW12b5lUi1A
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="s.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14082
x-amz-id-2: ZT+5nPPMBm0uO6AAIhRuvuckCVGNv1UJVTxD+fWj93HtLh1Cyj6fVkQmG56/JKo1s3Ei5ZLcf+E=
last-modified: Wed, 27 Oct 2021 16:51:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "38cc6a970d22c0d3b1317f02bfe79d70"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KLT4eZVb4I%2BIwzgx0aJurtQRqLI8BLYYGXRS7alyzELLeY1f1iYojdlJaZLiSNh6YwXwrfZQ2lOTLbeht%2BAI2YVyDm0bYp%2BTUdFyVB5ojtytum8sjFsxKAlw0o3k9b1L1z%2BSlwhvPGXi2pzUMQe2Nv3VHt1"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 84041614b8599273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 screen.png
media-private.canva.com/MADFHRfsLiA/1/ Frame F723 273 KB
274 KB 58ms
43ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-private.canva.com/MADFHRfsLiA/1/screen.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJWF6QO3UH4PAAJ6Q%2F20240104%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240104T080544Z&X-Amz-Expires=37581&X-Amz-Signature=56a6bb4c78acdc923b968e8499cf8c1a656862420eb87719c49359de21dd38e5&X-Amz-SignedHeaders=host%3Bx-amz-expected-bucket-owner&response-expires=Thu%2C%2004%20Jan%202024%2018%3A32%3A05%20GMT

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2731401c09a420891d2c42c8b6e68f20044019edfc3db309bc4684a3011c34d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: 2S8M4ZVKYKHV10F9
cf-polished: origFmt=png, origSize=426000
x-amz-version-id: wrO7k9Jn7LPQ9VVwIcLlO0ilFqKROo24
x-amz-storage-class: GLACIER_IR
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="screen.webp"
alt-svc: h3=":443"; ma=86400
content-length: 279394
x-amz-id-2: htEP0FsA9y+PXdiiiN/7mRjNIg+AMmqMsVRJR5NP8AURI05KCmXy4InmxEaBWoCTH/u0ISlVvYw=
last-modified: Thu, 04 Oct 2018 13:16:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "dc35cc8f42cc0cb7f309d98fcac83c44"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wui0jHBrQyE5tvhM97aTKv44Yx9baqHdltmHoKYZneOs%2FPEPljP05H0WopeIBEzPwcCU%2Fiz7Oc4SgxXjeBi1%2BuObIQGds%2FvS4b0x0RQQeVPIym5pVx%2FzL3LLzA2Xou3ZrKAbyEzybMBPBmlUZ7p7Ih9ZQNBV"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 84041614b85a9273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 thumbnail.png
media-public.canva.com/MADFHRfsLiA/1/ Frame F723 13 KB
14 KB 76ms
61ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/MADFHRfsLiA/1/thumbnail.png

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3011f19b99f0f0d784da7c9d84d801726fe27d87f8ed8008b0b871ddaf2072a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
x-amz-request-id: QFAHZ58THY2GR22W
cf-polished: origFmt=png, origSize=14205
x-amz-server-side-encryption: AES256
x-amz-version-id: cIoiSRNlKhU3xd_KUIInY_6WqPZpUU.g
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="thumbnail.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13194
x-amz-id-2: Cn0d4rTiwH13aDShZmyNpVyqPm57CC3XY4X0fncOHWbH6tWEy84I7pBU+epdzmVtlyT2+2fC5r4=
last-modified: Mon, 01 Nov 2021 14:35:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1214d9690436b3fce1d653bd5fe741be"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtG5w71nkPMzcrY%2BUBQrp8xuCDRsT%2BzBPcXj%2BttjzIsjj3tQ9Gs62Voue45m6F9gG1KQZy3FU8jjIFNeAc5slkmhS%2Fu8ZUJr%2BVkXSSIPzvN8Sk25WhAk%2B2VM16Ca%2B6JqTVLa0pLCgBf%2Fe038ijSq0kcyGP4%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 84041614b8579273-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H2 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n
media.canva.com/1/image-resize/1/294_100_100_PNG_F/ Frame F723 30 KB
31 KB 193ms
182ms Image
image/png 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.canva.com/1/image-resize/1/294_100_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAAA_jE3rzBJ0-s33LNrcdRGJZ4yKp4ja67v-6N0k9WeMw&exp=1704392064&x-canva-quality=screen&csig=AAAAAAAAAAAAAAAAAAAAAAB253w1eYvgeU71SC7jPl0OfUEylqZJmBY4Tn8W96mB

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fbc53b30d14e6c6b97c498de6fe0ccf81a8356b5a83fb42207122b0ea625d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 84041614a84c9273
x-http2-stream-id: 5343
last-modified: Thu, 4 Jan 2024 14:14:09 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI%2FtRVY1UMzNn7wEtzTRBiUjlgWsXWIxzA8HXpYoGOLDA9f%2BO2dE%2BiZzGUBLrMWAFhHgz3LSGouQtNl2bouf9rmodtQLTbc5dZwxyaxArVvT0auexaIgI7I3MRwHOCcGDPzX4PX7nv3Wx%2B%2F5Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614a84c9273-FRA
access-control-allow-headers: *

GET
H2 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n
media.canva.com/1/image-resize/1/200_68_100_PNG_F/ Frame F723 26 KB
27 KB 163ms
162ms Image
image/png 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.canva.com/1/image-resize/1/200_68_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAACN0HolugTIadndkd-AwCPZaTBisECzn9Ld1xSR3isdw&exp=1704392064&x-canva-quality=thumbnail&csig=AAAAAAAAAAAAAAAAAAAAALN21wIEIHwiiXzJj9WkGydZd5FewE9-Wglhvd0VPigg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b46763c688491c4ec977fef0c618e12d8e04291ab07457b1dd9c2a3603a10039

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 84041614e8789273
x-http2-stream-id: 14195
last-modified: Thu, 4 Jan 2024 14:14:09 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjsa1OrRRLi3H3VOqH0xgIuPKPF2DLfnSBVYBzrgMSV1tT544chxhitCN5Kjdo9g4WEy5wUOFQb2jpyr6vvLesHqzORUr6%2B%2Fe7Xgo%2FzpxHbEqiyI5Xtd1wvDo6NC8%2BKiVEVwQiPGLtyygR9Ogw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614e8789273-FRA
access-control-allow-headers: *

GET
H2 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n
media.canva.com/1/image-resize/1/800_800_100_PNG_F/ Frame F723 41 KB
41 KB 447ms
446ms Image
image/png 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.canva.com/1/image-resize/1/800_800_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAAFDlLAgklVoSUPKwRj7GwBC3l78R6v1EGMBfSS1li_GX&exp=1704394178&x-canva-quality=screen&csig=AAAAAAAAAAAAAAAAAAAAAIV6Jxmrg_3eeK45BU6bGbrUW-_jsgSaT1NFwR5YQWUt

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a610b58614ef68b5d1a48318f93730fee5b88d1ed415e20960a21a06d3169a99

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 84041614e8799273
x-http2-stream-id: 5465
last-modified: Thu, 4 Jan 2024 14:14:09 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Mt%2FW%2FhKea1oE7Ig7zbu%2BtIpuysAo%2B95%2Bz0uVo4CgVh1SmuvMnl4pG3kilkyZ7wFg28zYIF5kZN1ZB91kFjniVTIc1bp1m%2B6qaXSX2IOAp1H%2BGuc%2B0IeCK1zrbI2dkKDKJHk2u0YiesZKkCj7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614e8799273-FRA
access-control-allow-headers: *

GET
H2 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n
media.canva.com/1/image-resize/1/200_200_100_PNG_F/ Frame F723 6 KB
7 KB 335ms
333ms Image
image/png 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.canva.com/1/image-resize/1/200_200_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAACJbAZNtX4jIPMBR3z1m18fd3O-CeEUdew3RoIU84M-n&exp=1704394178&x-canva-quality=thumbnail&csig=AAAAAAAAAAAAAAAAAAAAAJPamviyWXgwcRiup5sgMz6IhkaEkywRkblmqJI5pQ1T

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8a52c351d1c584078c4efdea9d63e559e4c6bcaa30f2cb65f8bbb009fca672

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 84041614e87a9273
x-http2-stream-id: 11729
last-modified: Thu, 4 Jan 2024 14:14:09 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGUbmQ1w%2BNw0%2BmfnS%2B1HI4%2BR2BB5IvIlHlYuOdk8G%2FzfJNCnJTU9BPAUObS3SBkC26j1DoUn4STDpgQZsqBHloTxExD7%2Bteg2YEHS9TuFFnx0DVGhPXSQxXfVFJ5qvsvtepRAcN10PsVpodoEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614e87a9273-FRA
access-control-allow-headers: *

GET
H2 200 dc9688c7588b.js Show response
w.usabilla.com/ Frame CFF7 35 KB
11 KB 100ms
29ms Script
text/javascript 63.33.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/dc9688c7588b.js?lv=1
Requested by: Host: calendly.com
URL: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.7.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-7-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 799a7b38f0ce983589a982c1fc3f539187d446967498eb011a5dec505df07bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 14:14:09 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "5bff49eccfb4bff9d93420062693daaf"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 10666

GET
H3 200 ae Show response
www.canva.com/_ajax/csrf3/ Frame F723 137 B
1 KB 128ms
127ms XHR
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/_ajax/csrf3/ae

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f725096e288c94faae2daf7983e568f76cbce5e3f4303a5a9cc9d4bdfc7cceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-Canva-Brand: BAAAAAAAAAA
X-Canva-App: embed
X-Canva-Build-Sha: b04f484
X-Canva-User: UAAAAAAAAAA
accept-language: de-DE,de;q=0.9
X-Canva-Analytics: AAMABUVNQkVEAA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Canva-Request: recordanalyticsevent
Referer: https://www.canva.com/design/DAF291Rb8ro/view?embed
X-Canva-Locale: de-DE
X-Canva-Build-Name: 20240102-21

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP=Canva does not have a P3P Policy.
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 84041614eee32bd9
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
accept-ch: Sec-CH-UA-Platform-Version
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI1Ne3bWi9YiTVYuiKvoddfrTgUG9XCKDnTMNAmu08mxkvgoRm1WqsuqXuHDfqhQcBOpuFw7GctXXZTc0gHCL12mvjUnRAkP0S9xT75jOVkrTFiDlJ08%2FWIqMqRsUXI8rqflBMrqJ1lhDkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
cf-ray: 84041614eee32bd9-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 s.jpg
media-public.canva.com/-Dv_Y/MAEJnx-Dv_Y/1/ Frame F723 27 KB
29 KB 30ms
29ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/-Dv_Y/MAEJnx-Dv_Y/1/s.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f27577dcfd3d4bccab15c4798d218e9be30ed9ed5adacf4cbf5b686fd3ffb92

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
age: 2610662
x-amz-request-id: S2GWQ9M1VGZPA1YE
cf-polished: qual=85, origFmt=jpeg, origSize=106011
x-amz-server-side-encryption: AES256
x-amz-version-id: kVzQfeJrYqpXMPUnpbee_O9aAisqu_X0
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="s.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27914
x-amz-id-2: XhIw2os+PBoOzzWGp3ZR4mIwbI6eziAUUh0njtfF7bWAKVnFtcCG40cK4JFybd/MDiXKjpGEK0c=
last-modified: Sun, 04 Oct 2020 08:26:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "27c6c768be0e9907675d6e6ebb4553aa"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k24GzmmnkEyiwr1aHFMe9HyRTGeUguAKO5gaFCS9486TCeuSxWU8%2F7kWG0liJpE4vbUQVP8I%2F4YPZ81hZPZYjFW0SRwNXyHd%2F%2BVuhc%2F2j0g6TweO60FNTdgrD7RpgyzkjkV%2B1w78aaxTSNOggnYco4VTQh8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041614f86c5d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H3 200 t.jpg
media-public.canva.com/WAOeg/MADzNqWAOeg/1/ Frame F723 5 KB
6 KB 33ms
33ms Image
image/jpeg 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-public.canva.com/WAOeg/MADzNqWAOeg/1/t.jpg

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e49fda2bd85b11f009159efaac08b9a1f96441ca81c6f0f420bbc01a6488b48

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
age: 964015
x-amz-request-id: C43T0A2Q1DAR2AYY
cf-polished: degrade=85, origSize=12544, status=webp_bigger
x-amz-version-id: 5ItWO1J6wOwFACREO6mvnSycsU3xoifT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 5246
x-amz-id-2: jU3tM+aIL60yF1SVEvJyxkggpyMf0VLHsLL1tH/ZhhqPshKKbSJIDpOVyOf0LjWTfnFJ+LgFkrA=
last-modified: Sat, 08 Feb 2020 06:58:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f25a6b0d54c0e5c13b7f27f9b9573370"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY7ahhPJfBI36qE4NO%2FS2R0VQjxYQdu94Cdm2u4OtTYtQpF4mtjJbU9bA5UzStS7ybaU2rZIsE2aWwJCMb3UgtG5ABTyEtC%2BowUgEmTDq1GUo5wcXcgftFVZ%2BYfa91u7p383eZ3vaBvT5rtNJqZmcZxTVFU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041614f86d5d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H3 200 s.svg Show response
media-public.canva.com/qvxnI/MAExcVqvxnI/1/ Frame F723 1 KB
2 KB 25ms
25ms XHR
image/svg+xml 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-public.canva.com/qvxnI/MAExcVqvxnI/1/s.svg

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f77e0cb05e32cc652c3937a0b34e52567cf37401d9a801ca3f50239033272

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
age: 4705256
x-amz-request-id: 02MBRMW0Z6J3BDTQ
x-amz-server-side-encryption: AES256
x-amz-version-id: 3sdByYq3O1jvqxGowK_O5W4.w99yt_fc
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ItUUI9VKV5esAzCIX2D+amkLtxsjLmL/eO4XPAH73VnA2Z4thIcbZJLMpLSMcG2mkeibQnhnEX8=
last-modified: Fri, 03 Dec 2021 01:36:04 GMT
server: cloudflare
etag: W/"15fc526f08abc3a58f651561e284eefa"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1aLmFvEnn2Z7mipxc1qztMFO7OQjtrt6gh%2FXFfshEkp6iq1RcwzVmc090OugfRiX8QMpY2ko3IX%2FvJCQMTs7R478AsBJy%2F%2F375%2F6oo9Z%2BCgx6QfznoE4S62HuEsq%2Bg%2BW6CIehTxilltfAqOAweAedKyDGU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 84041614f86f5d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
H3 200 s.png
media-private.canva.com/4OeU8/MAEngo4OeU8/1/ Frame F723 14 KB
15 KB 32ms
32ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5867f796cb157cda1c92a5d08899f9313c2cb4b4bec37c4e06cf7d8ad57a4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
age: 62
x-amz-request-id: 31EC2NC6B8HJKAM0
cf-polished: origFmt=png, origSize=21692
x-amz-server-side-encryption: AES256
x-amz-version-id: CE4eq0emIGYve2ONHzxq2tW12b5lUi1A
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="s.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14082
x-amz-id-2: ZT+5nPPMBm0uO6AAIhRuvuckCVGNv1UJVTxD+fWj93HtLh1Cyj6fVkQmG56/JKo1s3Ei5ZLcf+E=
last-modified: Wed, 27 Oct 2021 16:51:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "38cc6a970d22c0d3b1317f02bfe79d70"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN6gOgM37Mbe2zP94%2FJ7DPVxfiU4qVZ1a1RIh1%2FTFkg06ojJrDpTQiyLDirAdNK2vO6E%2FVCG6kfa0Em2bRl43%2BBx2zlHXOS8IdZfax%2BVt4RYv7UP8P1urfmbNbkzjMZzPcOSqUfF2t5Kqa4hz8D9oSMKjmKM"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041614f8725d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

POST
H3 200 8404160ffc1590ec Show response
www.canva.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6720 0
591 B 31ms
31ms XHR
text/plain 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/cdn-cgi/challenge-platform/h/g/jsd/r/8404160ffc1590ec

Requested by

Host: www.canva.com
URL: https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p39Xc%2BI4vpkFS1vn2trjewNWxrWQwgKP5FHVyjgY8b8ufGM%2Bap7DCa5g2mLkpBLhKA14okKqWnHiXZ1GVVG%2BD3UmlI%2FJbFjnolN0TPm10gemuTVzewl3aN9HrC%2BgSnb9kzMWXEkI76fujvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 840416156f542bd9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 screen.png
media-private.canva.com/MADFHRfsLiA/1/ Frame F723 273 KB
274 KB 30ms
30ms Image
image/webp 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2731401c09a420891d2c42c8b6e68f20044019edfc3db309bc4684a3011c34d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: 2S8M4ZVKYKHV10F9
cf-polished: origFmt=png, origSize=426000
x-amz-version-id: wrO7k9Jn7LPQ9VVwIcLlO0ilFqKROo24
x-amz-storage-class: GLACIER_IR
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="screen.webp"
alt-svc: h3=":443"; ma=86400
content-length: 279394
x-amz-id-2: htEP0FsA9y+PXdiiiN/7mRjNIg+AMmqMsVRJR5NP8AURI05KCmXy4InmxEaBWoCTH/u0ISlVvYw=
last-modified: Thu, 04 Oct 2018 13:16:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "dc35cc8f42cc0cb7f309d98fcac83c44"
access-control-max-age: 3000
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzNO98uiPZB6xgQTNeJNwHj1bpgMXEKvierbh7OB%2FD4vzqYFIb2DmDBh%2FL9tPkDjQsS6Ods3ygAaTqxQOLDfwSNFQD3PSgNTeM%2BxQPKpVYV9XxtYvkzkhpW2TTIsXboiAMcRHUZrFm1Wdex0fxTu0%2BKs3DmQ"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8404161568c05d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

GET
BLOB 200
OK db6258ca-d95b-4fad-8b6f-42a0604d58c2
https://www.canva.com/ Frame F723 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.canva.com/db6258ca-d95b-4fad-8b6f-42a0604d58c2
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 125ac5802faf3b59ed95e45d5ddb209bf43bdce4bccf40824fb8b8be1a721f75

Request headers

Referer
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 1203
Content-Type: image/svg+xml

GET
H3 200 s-1.svg Show response
media-public.canva.com/iAtE8/MAFBf2iAtE8/1/ Frame F723 31 KB
12 KB 32ms
31ms XHR
image/svg+xml 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-public.canva.com/iAtE8/MAFBf2iAtE8/1/s-1.svg

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff6acb5388dd1b2527f81a3ceec1b1544964f9bfab7738ebfef7f7dc36ff6a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-public
age: 176944
x-amz-request-id: E629BSTXGD3KGHY7
x-amz-server-side-encryption: AES256
x-amz-version-id: onza0NMh_LJ_4qeIgKLjAbHkSWscmwL.
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CcjZ7NHyXcUiT9j2fKZNWFqBSLryNnrx+raGLx9b4k4vcSRhTgL4DK/7e2ivEQv+iDKQe2JSbm4=
last-modified: Mon, 23 May 2022 07:02:55 GMT
server: cloudflare
etag: W/"bc72fd48c737c39ab2bfb6f86d09f9a8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmnEDasWoywWvtwP9bWErTaluxx1EbuzsIOK4%2F1oQcOZRa0%2FgIzNelJhhuf0Dtx3SisupA7OwJGbX%2B11jQOS3WL9hGdvZ4Lb96tS3VrL20wEmFGf8gwT%2BANHTDpiIMXs69JRWv7p%2BLKnQQ9wNxzI3AE%2FUMI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
cf-ray: 8404161588d05d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

POST
H3 200 create Show response
www.canva.com/_ajax/ae/ Frame F723 22 B
673 B 142ms
142ms XHR
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/_ajax/ae/create

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-Canva-Brand: BAAAAAAAAAA
X-Canva-App: embed
X-Canva-Build-Sha: b04f484
X-Csrf-Token: 49KKUFJOxbZyQyfl0MT90iLyzXbJagxrI0-TlsC_Dvzu82KA0FL2pQ1TOyZGdJuuDO4EO9bgrnwanir2nSuPtP5t14M
X-Canva-User: UAAAAAAAAAA
accept-language: de-DE,de;q=0.9
X-Canva-Analytics: AAMABUVNQkVEAA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8
X-Canva-Request: recordanalyticsevent
Referer: https://www.canva.com/design/DAF291Rb8ro/view?embed
X-Canva-Locale: de-DE
X-Canva-Build-Name: 20240102-21

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP=Canva does not have a P3P Policy.
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 84041615dfd02bd9
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
accept-ch: Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qV0%2BxJ1mLYYy8IfwUNjWQPyrUI8i1W5Cu3Sk%2B2k3zKxUlVlLPAcgEVvrDPteh724soDcCtoWVla3eoiYRTaBU4zpGhz%2B3t0IT5m%2BkJ54UuLlk4%2BtcrTPB1aOifWJik1b2BqJVxd%2FmC9Qyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
cf-ray: 84041615dfd02bd9-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK e03a8227-19ce-40ab-b378-f1075e526ce1
https://www.canva.com/ Frame F723 31 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.canva.com/e03a8227-19ce-40ab-b378-f1075e526ce1
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa64446df48eed7c07047cf45efb5f9ca2be8eece189832cf2705c405017ec3

Request headers

Referer
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 31529
Content-Type: image/svg+xml

GET
H2 200 v3 Show response
js.stripe.com/ Frame 3A68 579 KB
143 KB 79ms
18ms Script
text/javascript 13.227.219.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-101.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

87d7cafe6a8b148d77a2192fc3d017c3e9b5e6d693b20098cf743499a1708a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
content-encoding: br
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 6
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Wed, 03 Jan 2024 21:37:54 GMT
server: Cloudfront
etag: W/"e67b281888b25802dc95b074f4cdf75e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 7RKPQhxj4l8DPtpcB2OZblKRzsY-XVZMKXEkcUjGreqfrV5zCQCypQ==

GET
H2 200 user Show response
calendly.com/api/booking/ Frame 3A68 2 B
161 B 198ms
198ms XHR
application/json 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/user

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
X-CSRF-Token: 4nvvKbKWWb6a84keT0sCEemePQJSMDTfHTP17gj1T0vft0Uh0ikBh6rtb_-ici8q_D_esItaCaZ00KDdN5IokQ
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-runtime: 0.010812
date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"44136fa355b3678a1146ad16f7e8649e"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 84041616ea1e1c36-FRA
x-request-id: 8316132961433508121e29af6c95415d

GET
H2 200 request Show response
calendly.com/api/booking/ Frame 3A68 41 B
166 B 209ms
209ms XHR
application/json 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/request

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

646c9c575c477ec1fc64f3df83af60acea3a0ecf4f6dd2c7202a32e8e115ada9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
X-CSRF-Token: 4nvvKbKWWb6a84keT0sCEemePQJSMDTfHTP17gj1T0vft0Uh0ikBh6rtb_-ici8q_D_esItaCaZ00KDdN5IokQ
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-runtime: 0.012145
date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"646c9c575c477ec1fc64f3df83af60ac"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 84041616ea211c36-FRA
x-request-id: 5b09bc1556098ff4cdfa246e5bef819e

GET
H2 200 settings Show response
calendly.com/api/booking/ Frame 3A68 2 KB
1 KB 214ms
214ms XHR
application/json 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/settings

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a66f314327c44281f84d65a39b9473117ef5e91035f9c1b9554b63431242c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
X-CSRF-Token: 4nvvKbKWWb6a84keT0sCEemePQJSMDTfHTP17gj1T0vft0Uh0ikBh6rtb_-ici8q_D_esItaCaZ00KDdN5IokQ
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-runtime: 0.007862
date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"01a66f314327c44281f84d65a39b9473"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 84041616ea221c36-FRA
x-request-id: 38763bb83a48a847e816dcdfa91afca4

GET
H3 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9QNUkxSS9NQUZ2aWtQNUkxSS8xL3AucG5n
media.canva.com/1/image-resize/1/294_100_100_PNG_F/ Frame F723 30 KB
31 KB 453ms
453ms Image
image/png 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fbc53b30d14e6c6b97c498de6fe0ccf81a8356b5a83fb42207122b0ea625d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 84041616ea035d94
x-http2-stream-id: 18233
last-modified: Thu, 4 Jan 2024 14:14:10 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B21sKYQzMsPP6Y%2F%2FTG0JojetV0D3AFPk%2FBdjvjGisnTW%2Fv5mzDmUv2toZH%2BBbLi2RdwqH%2Fko6QUyELqyazTo09yTG4RopcImr77ryAvzVdvzyePPsp%2FqdVdQ8whgVsorEVrC4DXqKs5wLsGbsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 84041616ea035d94-FRA
access-control-allow-headers: *

GET
H3 200 s.jpg
media-private.canva.com/WAOeg/MADzNqWAOeg/1/ Frame F723 114 KB
116 KB 60ms
60ms Image
image/jpeg 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154a9fab4c86a78b1af9128c9481b0459f7cc73cd56121e5be02d7cdd691987b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media-private
x-amz-request-id: Z03RS957S9CM2MRN
x-amz-server-side-encryption: AES256
x-amz-version-id: 9U7Z7FX2RgA68xaOpz3QNTE61rQc29ne
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 117190
x-amz-id-2: HLMKU72dpexayfxUo3OcL7O3oUHAIdPp1ppkHj4MgdgYeCxuF4zOYsYOQnYvkFrMJlyu7H8ZHKA=
last-modified: Sat, 08 Feb 2020 06:58:18 GMT
server: cloudflare
etag: "4bbe59351e3442c4ed48a58d9e312969"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arMDdYf3yTM1KYkPLgtgyd0mIGrnn8Ib5aUfAhY%2F10u6afRF6GVSjkArI5iyATCwfK9YYA0Q%2Fq4kALiPJKNlkDupiaN%2FAHmdtYthtbViys4gH22JqLPyF4ona8qVnVQsw6UJvsgMrGSFRtIf87s9pVRnYn6o"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31556926
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 84041616ea0e5d94-FRA
timing-allow-origin: https://www.canva.com
expires: Fri, 03 Jan 2025 20:02:55 GMT

POST
H3 200 create Show response
www.canva.com/_ajax/ae/ Frame F723 22 B
668 B 140ms
140ms XHR
text/javascript 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/_ajax/ae/create

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-Canva-Brand: BAAAAAAAAAA
X-Canva-App: embed
X-Canva-Build-Sha: b04f484
X-Csrf-Token: 49KKUFJOxbZyQyfl0MT90iLyzXbJagxrI0-TlsC_Dvzu82KA0FL2pQ1TOyZGdJuuDO4EO9bgrnwanir2nSuPtP5t14M
X-Canva-User: UAAAAAAAAAA
accept-language: de-DE,de;q=0.9
X-Canva-Analytics: AAMABUVNQkVEAA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8
X-Canva-Request: recordanalyticsevent
Referer: https://www.canva.com/design/DAF291Rb8ro/view?embed
X-Canva-Locale: de-DE
X-Canva-Build-Name: 20240102-21

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP=Canva does not have a P3P Policy.
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8404161719192bd9
pragma: No-cache
referrer-policy: strict-origin-when-cross-origin
accept-ch: Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgsMspD8MkqrL31vRqXLXesZfX%2BddpVRp5tHB8niLC6NqbNJZRq2GLx1dUTtPe44coimpDxGfEImPgTQHDEJpJVmF2YtzcY3KMHID9gQd7jtViDT%2FdQ18nR66StAX4TnLrSBTc00K5sSunk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
cf-ray: 8404161719192bd9-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n
media.canva.com/1/image-resize/1/200_200_100_PNG_F/ Frame F723 0
0

GET
BLOB 200
OK 1b8e1d3c-0e7f-4083-8381-369784a844e8
https://www.canva.com/ Frame F723 55 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.canva.com/1b8e1d3c-0e7f-4083-8381-369784a844e8
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8aef9b50ff2a6111cb98dc8bf1ed71c04964ef7e1fb8e8b82eee2516e288d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 56760
Content-Type: image/png

GET
BLOB 200
OK 2e2b1829-3b3b-4582-bc4e-e0047219a7a2
https://www.canva.com/ Frame F723 49 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.canva.com/2e2b1829-3b3b-4582-bc4e-e0047219a7a2
Requested by: Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50de36e4889fa79fc4893345436a6e48b4d1453e6664e4823ab97cf0521196b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 49753
Content-Type: image/png

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 162ms
162ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 14:14:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: BDE267E5D2C64A5A8DC087610DB564E4 Ref B: FRAEDGE2007 Ref C: 2024-01-04T14:14:09Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.cgmoneta.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYOH1hi+ETuU+4T0Sxhlw==

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 3EC6 200 B
1 KB 17ms
16ms Document
text/html 13.227.219.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-101.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://calendly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2576
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 13:31:15 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
x-amz-cf-id: IoF-gSRA5UCtsbRzm2iYP1XVTsHySnZqA7qVKHYfDz0rAmIqk01u-Q==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n
media.canva.com/1/image-resize/1/800_800_100_PNG_F/ Frame F723 41 KB
42 KB 632ms
632ms Image
image/png 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.canva.com
URL: https://www.canva.com/design/DAF291Rb8ro/view?embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a610b58614ef68b5d1a48318f93730fee5b88d1ed415e20960a21a06d3169a99

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
Origin: https://www.canva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: script-src 'none'; frame-src 'none'; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'; form-action 'none'; base-uri 'none'; report-uri https://csp.canva.com/_cspreport?app=s3_media
alt-svc: h3=":443"; ma=86400
x-request-id: 84041617baa05d94
x-http2-stream-id: 11781
last-modified: Thu, 4 Jan 2024 14:14:10 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHO8CGaCjY0RBNpFpxHHAsG4iDQsqPqQHmv5IEgw%2BLq%2FUd1oM%2FNQhgb%2Fog27%2Fh7KaD4qsOJEH1AyEIK6Za4xsPmHOWSDHcPtlPt2m1FEdElBTX24zQpHJwNbJuXUzdE46%2BZVCAIDLQgOBLAIEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=31556926
access-control-max-age: 3000
cf-ray: 84041617baa05d94-FRA
access-control-allow-headers: *

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3EC6 526 B
1 KB 16ms
15ms Script
text/javascript 13.227.219.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-101.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 13:31:15 GMT
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2576
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oIMiEVE9X9fhI2cKbDpQf7UjIe3epJuSw7QuxaMcz_Mn5eOCcX36ow==

POST
H2 200 csp-report
q.stripe.com/ Frame 3EC6 0
716 B 556ms
182ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704377650343407
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704377650343163
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3EC6 0
717 B 556ms
182ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704377650343317
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704377650343092
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DBB8 930 B
2 KB 50ms
9ms Document
text/html 2600:9000:2057:6800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 14:13:37 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-id: KR4xO_lLyuNoJpy4spmY3RIe1GF51-rpSmaigLIz-xZftotSDeGdyQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame DBB8 0
490 B 486ms
183ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704377650343538
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1704377650343126
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame DBB8 87 KB
14 KB 9ms
9ms Script
text/javascript 2600:9000:2057:6800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:13:36 GMT
content-encoding: br
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 34
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 0FMCKbUpX93XnJwGphX5UdF5WdkVlQvcwOiFh2Em84s-WRKstCXC4w==

GET
H2 200 en-e46e1540.chunk.js Show response
assets.calendly.com/assets/booking/js/locales/ Frame 3A68 30 KB
10 KB 192ms
192ms Script
application/javascript 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/booking/js/locales/en-e46e1540.chunk.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-runtime-838aa5fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1bae178d0e5d1c10e0032445b558c79d430f4b62a6ee8fad1395a195530368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 15:14:11 GMT
cf-bgj: minify
server: cloudflare
age: 1983329
etag: W/"9ab903a18b0dde6889ad1073004e6763"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=31536000
cf-ray: 840416184b5c1c36-FRA
expires: Fri, 05 Jan 2024 14:14:10 GMT

GET
H2 200 config.json Show response
notifier-configs.airbrake.io/2020-06-18/config/90109/ Frame 3A68 220 B
490 B 97ms
96ms Fetch
application/json 3.89.82.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.8&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&language=JavaScript
Requested by: Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.82.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-82-132.compute-1.amazonaws.com
Software: /
Resource Hash: b7684ef5ef7ee0d536403226f29a0d97d394ea2bec8877983a3f2da6d4665432

Request headers

Accept: application/json
Cache-Control: no-cache,no-store
Referer: https://calendly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 14:14:10 GMT
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 220
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=UTF-8

OPTIONS
H2 204 config.json
notifier-configs.airbrake.io/2020-06-18/config/90109/ Frame 0
0 316ms
97ms Preflight 3.89.82.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.8&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&language=JavaScript
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.82.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-82-132.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://calendly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
allow: OPTIONS, GET
date: Thu, 04 Jan 2024 14:14:10 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame DBB8 156 B
670 B 597ms
189ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9d256a3f00b21d2f1385fa4a8069538fe846fa9b7a862b13306ec918c999b605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704377650500956
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1704377650500338
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 3A68 1 KB
1 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa91f04e209f1a3f6a7d81d3f53090b9fd6d3b63c12ee1ae5dce4292e326577d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:14:10 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 3A68 21 KB
7 KB 32ms
17ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FWT01iLvZ++xUAz3aesSug==
age: 29645
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 03 Jan 2024 22:17:18 GMT
server: cloudflare
etag: 0x8DC0CA9BF9BFF37
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f518f4a-801e-0043-4dbb-3edfdf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8404161998dcbb5c-FRA

GET
H2 200 experiments Show response
calendly.com/api/booking/ Frame 3A68 370 KB
35 KB 312ms
312ms Fetch
application/json 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calendly.com/api/booking/experiments?

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4498753b0459953569f15b6ac7346646d8c0dea0d582c93402b318402f907474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/cgmonetallc?embed_domain=www.cgmoneta.com&embed_type=Inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-runtime: 0.100983
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
etag: W/"4498753b0459953569f15b6ac7346646"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 840416199cdb1c36-FRA
x-request-id: 18a77a9632b3b73c7b88f888a8dcc2cf

GET
H2 200 a838c8e4-e3ce-442e-8f96-c88d0af98990.json Show response
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/ Frame 3A68 5 KB
2 KB 37ms
23ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd68c785340bcc6327fcba943670d7e70022a25aef46af666d5d945ca365a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14020
content-md5: KKjjHTE5l4Mu7IIj7UcqPg==
content-length: 1793
x-ms-lease-status: unlocked
last-modified: Tue, 31 Oct 2023 22:44:02 GMT
server: cloudflare
etag: 0x8DBDA62E10E6583
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ce61f3d9-101e-0051-116a-0ca40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84041619dd4e71af-FRA
expires: Fri, 05 Jan 2024 14:14:10 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3A68 505 KB
203 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://calendly.com/
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 10:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 10:18:58 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 3A68 66 B
303 B 39ms
23ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: assets.calendly.com
URL: https://assets.calendly.com/assets/booking/js/booking-6df208fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://calendly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8404161a1ee84d40-FRA
access-control-allow-headers: Content-Type

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 28A9 42 KB
27 KB 28ms
28ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=n87gqfjor06j

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d71c24d09c0125f4be4e6da48e03948b3da4edce08e52d232db0b0cd3c784c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uz9yCMzUyS4eijqsUL-Z3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://calendly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Uz9yCMzUyS4eijqsUL-Z3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 14:14:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/ Frame 3A68 426 KB
103 KB 16ms
16ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1/fYiRcAkidM+2Rc1fEXtg==
age: 27506
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104832
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:14 GMT
server: cloudflare
etag: 0x8DBD5D490C850BD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 95a24b7c-c01e-0089-1a8c-228356000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8404161a7a04bb5c-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 28A9 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=n87gqfjor06j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 12:30:51 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 28A9 505 KB
203 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 10:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 10:18:58 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/09d90f69-3cca-463b-a696-a372304e4e94/ Frame 3A68 118 KB
24 KB 22ms
21ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/09d90f69-3cca-463b-a696-a372304e4e94/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84bca3e5fd4f5cdc0d0d889e33b3feb68e9055797353af5061609a95b2ef30a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13892
content-md5: szu3C7JrmSswNvgTOLAEYg==
content-length: 24698
x-ms-lease-status: unlocked
last-modified: Tue, 31 Oct 2023 22:44:12 GMT
server: cloudflare
etag: 0x8DBDA62E770BE59
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 370d7ac5-d01e-0085-384b-0c145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8404161abe3171af-FRA
expires: Fri, 05 Jan 2024 14:14:10 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ Frame 3A68 10 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: M1yL2FbLdou5AwmgPAi4Jg==
age: 14019
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2644
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:07 GMT
server: cloudflare
etag: 0x8DBD5D48CF100D5
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 925cbef0-801e-0031-1738-0cd890000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8404161aee6271af-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/ Frame 3A68 64 KB
13 KB 15ms
15ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HkSm8jQRWxYUOXcw9B+VNA==
age: 14020
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12874
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:10 GMT
server: cloudflare
etag: 0x8DBD5D48E6E1909
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1afc4afa-d01e-0013-0b1d-121d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8404161aee6371af-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ Frame 3A68 21 KB
4 KB 18ms
18ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 14020
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 86919177-201e-0028-4277-14582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8404161aee6471af-FRA

GET
H2 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 28A9 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 19:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 327216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 19:20:34 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 28A9 102 B
135 B 15ms
15ms Other
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=n87gqfjor06j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:14:10 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ Frame 3A68 651 B
600 B 16ms
16ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 36997
x-ms-lease-status: unlocked
last-modified: Wed, 03 Jan 2024 03:13:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 01f7c19d-b01e-003a-4e01-3e23fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8404161b2aa9bb5c-FRA

GET
DATA 200
OK truncated
/ Frame 3A68 37 KB
37 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 3A68 45 KB
45 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846

Request headers

Referer
Origin: https://calendly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ Frame 3A68 497 B
489 B 15ms
15ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 14019
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 03:32:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 98b8c1d4-501e-009b-3acc-3ef886000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8404161b2e9971af-FRA

GET
H2 200 logo.png
cdn.cookielaw.org/logos/122ecfc3-4694-42f1-863f-2db42d1b1e68/0e69414e-286b-4e49-b24b-84b4ed6d6ec9/c05bbdff-e7a2-4d14-a37f-28e2f63112d5/ Frame 3A68 9 KB
9 KB 16ms
16ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/122ecfc3-4694-42f1-863f-2db42d1b1e68/0e69414e-286b-4e49-b24b-84b4ed6d6ec9/c05bbdff-e7a2-4d14-a37f-28e2f63112d5/logo.png

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4587c9ec2c976da6c06f6862ebe5695ce3aed04bb0bf51ba84d0dcbcee2b66ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UvfJ5TQq0vkufjKYiCMMKQ==
age: 24948
content-length: 9498
x-ms-lease-status: unlocked
last-modified: Mon, 30 Jan 2023 14:48:40 GMT
server: cloudflare
etag: 0x8DB02D113EE0475
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 95a72937-201e-0091-228d-0c5c31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8404161b3ab9bb5c-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ Frame 3A68 5 KB
2 KB 15ms
15ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 27523
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 03:32:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f81f2af0-701e-0035-13c1-3e5597000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8404161b3ababb5c-FRA

GET
H/1.1 200
OK 104c67c7.png
d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/5817234/ Frame 3A68 9 KB
9 KB 243ms
37ms Image
image/png 65.9.94.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/5817234/104c67c7.png
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-137.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47ed7727f89b6ab6ceacd105e768619250af87b2242ab048a18dc2db26e80421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://calendly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:20:20 GMT
x-amz-version-id: poeBYvCPZHhOEm_KtmMVlHAZvxw5zG7E
Via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
Last-Modified: Tue, 19 Apr 2022 12:43:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 147231
ETag: "3eed38c5c97708a841ed9deb998b5fae"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315576000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8735
X-Amz-Cf-Id: gCP1Q9ft-rbms0OdaP_a4Gkvt3KvmOoz03izT7kMXkjoRUh9d7-GXg==

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1 KB
694 B 98ms
14ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.cgmoneta.com
URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1edc6090fdd977907affc372b84db4d4a5fa78f625ed1aca3363a4b38078c02f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 15
etag: W/"f4ab7e73ae7bf44359355cee706a7c6f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 8404161d5abc4d58-FRA

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 121 B
384 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155930
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404161cd9d90493-FRA

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 81 KB
29 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155930
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404161cd9dc0493-FRA

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 212 KB
62 KB 28ms
28ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155930
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"86b32a04921a039ace69980bacd1b639"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404161cd9df0493-FRA

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 219 KB
43 KB 40ms
40ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155930
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"7cb04588da7fac9195cf9fcf0a9cd695"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404161cd9e20493-FRA

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 2 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155930
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"8a62145a771f178a2f2776bd2b72d0d5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404161cd9e30493-FRA

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 151 B
372 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62ceb9207b967b11799955fa/1g7ro6acc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155930
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404161cd9e60493-FRA

POST
H3 204 rum Show response
www.canva.com/cdn-cgi/ Frame F723 0
140 B 10ms
10ms XHR
text/plain 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canva.com/cdn-cgi/rum?

Requested by

Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/7.16.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.canva.com/design/DAF291Rb8ro/view?embed
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Thu, 04 Jan 2024 14:14:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.canva.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8404161cdf692bd9-FRA

POST
H2 204 metrics
rtc.multiscreensite.com/performance/ 0
0 102ms
102ms Fetch 3.222.32.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/21.583f2d96326ff86e650d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.32.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-32-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 14:14:10 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/performance/ Frame 0
0 102ms
102ms Preflight 3.222.32.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.32.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-32-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 04 Jan 2024 14:14:10 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 513ms
512ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=62ceb9207b967b11799955fa&widgetId=1g7ro6acc&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec6a3bc8c0aa64b20e093b968f3a4ea470b942e931f38cf5e1d41e1c2ecad87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-rzsp
server: cloudflare
etag: W/"2-24-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8404161d78054db6-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1019 B
1 KB 1113ms
946ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cea83a54504412e2419af43d32b5344757c2a052ec24244e8eff51b8e0ebe64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.cgmoneta.com
access-control-allow-credentials: true
cf-ray: 840416205b489a0b-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-4x9m

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 290ms
290ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.cgmoneta.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8404161d78074db6-FRA
date: Thu, 04 Jan 2024 14:14:11 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-6bfz

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 56 KB
20 KB 228ms
188ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=226ebee
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b153de5b0a3d9b6531a3c6e4cd3c181e92025fb2824919b0139347c94493cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
surrogate-keys: 663d900ab64794226f3dc8ebc5058820
cf-cache-status: HIT
server: cloudflare
etag: W/"b023569f05d50e08ce355abc7b783526"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600, s-maxage=21600
cf-ray: 8404161db8fd91fc-FRA

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 33 KB
10 KB 267ms
249ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=663d900ab64794226f3dc8ebc5058820&lang=en&cb=226ebee
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=226ebee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 078948e601a270824f2ef594d21304409c880bb8a2556d68cfde07271d000d17

Request headers

Referer: https://www.cgmoneta.com/
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
surrogate-key: prod 663d900ab64794226f3dc8ebc5058820 226ebee
last-modified: Thu, 04 Jan 2024 14:05:39 GMT
server: cloudflare
cf-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 8404161f18705d9f-FRA

GET
H2 200 jquery.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 20ms
20ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=226ebee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e1bc6d2ef60d701eae8d697ded42adc11642c299b3406a617b9ab3be6fabcf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 16:47:59 GMT
server: cloudflare
age: 3290
etag: W/"6579e03f-17d97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8404161ef99b91fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H2 200 startup.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 428 KB
115 KB 24ms
24ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=663d900ab64794226f3dc8ebc5058820&cb=226ebee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6ec065a844b4be0a42913b9ba9b32757576fba278a1ebac0bbb4c3f1688e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 01:05:29 GMT
server: cloudflare
age: 572
etag: W/"65960459-6aff7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8404161ef99c91fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65839862293/languages/ 17 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84041620bb839a0b-FRA

GET
H2 200 smartrems.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
40 KB 19ms
19ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 16:47:59 GMT
server: cloudflare
age: 6408
etag: W/"6579e03f-21d4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 840416214ae691fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H2 200 tangoEngine.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 108 KB
35 KB 17ms
17ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b56be5f9301b8299d1c6528b53ab55e382eddb2a7e4d7bea8ecd9ecf7adf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 01:05:28 GMT
server: cloudflare
age: 3086
etag: W/"65960458-1b122"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 840416214ae791fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame 3CED 813 B
590 B 13ms
13ms Document
text/html 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=226ebee
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7

Request headers

Referer: https://www.cgmoneta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1891454
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 84041621eb3a91fc-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 14:14:11 GMT
last-modified: Wed, 13 Dec 2023 16:48:24 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 587ms
187ms Ping
text/plain 34.223.218.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.218.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-218-178.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 14:14:11 GMT
content-length: 0

GET
H2 200 1856.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 372 B
296 B 14ms
13ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/1856.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c439891e9ca959c88a76af5bf4ffcf654f0e031d45d609046cf78d4a20900471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 16:47:59 GMT
server: cloudflare
age: 2962
etag: W/"6579e03f-174"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84041621eb3d91fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H2 200 3772.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
335 B 15ms
15ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 16:47:59 GMT
server: cloudflare
age: 2699
etag: W/"6579e03f-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84041621eb3e91fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H2 200 5121.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
310 B 17ms
17ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 01:05:28 GMT
server: cloudflare
age: 443
etag: W/"65960458-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84041621eb4091fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H2 200 874.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
224 B 16ms
16ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 16:47:59 GMT
server: cloudflare
age: 3021
etag: W/"6579e03f-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84041621eb4191fc-FRA
expires: Fri, 03 Jan 2025 14:14:11 GMT

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 10 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648af9a0b-FRA

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 18 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"398211e86ba1f74c4421bde7a06fc780"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b29a0b-FRA

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 11 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c88641b9f42816d463a74a4af860951637774fc17ae6280b3189c212aa949c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"5e67f0f8c4d17726b853e1e19578021e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b39a0b-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 699 B
676 B 19ms
19ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b49a0b-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 19 KB
6 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"d1392466f248728bc183c96015db868c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b59a0b-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 906 B
662 B 15ms
15ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b69a0b-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 535 B
574 B 24ms
23ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b79a0b-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 110 KB
24 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1eaf1603955ff543fb810fe5edc51e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162648b89a0b-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 60FE 13 KB
3 KB 21ms
21ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162678cf9a0b-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 9F1D 24 KB
5 KB 17ms
17ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162688d99a0b-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 25A0 40 KB
8 KB 16ms
16ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
cf-polished: origSize=40832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8404162698ea9a0b-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame E52C 76 KB
15 KB 16ms
16ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253410
cf-polished: origSize=78180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"0ab357443b798b4a1db6c4f22b1590f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84041626a8f19a0b-FRA

GET
H3 200 7-r-bl.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 60FE 15 KB
4 KB 16ms
16ms Image
image/svg+xml 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/7-r-bl.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829c3296dcfd3fc1ab982e767f4f881db253f0beff4ff1e21f2c743d30cb2e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 188351
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:17 GMT
server: cloudflare
etag: W/"e41a841c822541a77665bff4acff1052"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84041626b8fe9a0b-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 37ms
22ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4439332
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230083-FRA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19fDYpmPG520rsnz1hI1gFPEC3FYxTeHEoH8m5js1u2Y%2BWrbuuPlDnIKZI762TIa4nZmhB2gWBcnykZRlaCbjW15fz24UoFGtrSR%2BLRa38Bf6ZjslpE%2FWFWXQ%2Fk6raPOUGQ3rPg1bV4VUfF0NSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84041626df5b1c73-FRA

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 60FE 10 KB
11 KB 127ms
126ms Font
font/woff2 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css
Origin: https://www.cgmoneta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 84041626baf20493-FRA

POST
H3 200 traces
telemetry.canva.com/v1/ Frame F723 21 B
547 B 120ms
119ms Ping
application/json 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.canva.com/v1/traces

Requested by

Host: static.canva.com
URL: https://static.canva.com/web/710014359820a03b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56b35823a693646bf987ca07c9cbc4ff72a83b79b34595b20546b539795fdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jan 2024 14:14:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.canva.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrCeU4Zc3KFey8wSsKdb90%2FQ6Ejn7hwrybMOBxHAFWRWhzZvNubLlrOCPp1CizTwR6L2kI2du35nrEBv6gp9qUKlR9pWvqPi0DR0kDo%2F%2BaiBYp%2BLp3kwEtwSxKXRazaGVbCFR4BPgVWqKjrgkVHJbrk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
access-control-max-age: 3000
access-control-allow-credentials: true
cf-ray: 840416279a862bd9-FRA
access-control-allow-headers: Content-Type

OPTIONS
H2 200 traces
telemetry.canva.com/v1/ Frame 0
0 31ms
15ms Preflight 2606:4700::6810:e095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.canva.com/v1/traces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e095 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.canva.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.canva.com
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cf-ray: 840416277e8a9273-FRA
content-length: 0
date: Thu, 04 Jan 2024 14:14:12 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itX%2BrUo%2B7OgQHnnFyUCjQ1GW2WmnkN1Rt4TE5ZtKDLnIEzJVY9%2BThCPgt6OAM0NgdGylxFcvYbUW2uFkdK5pHLxSnDIU%2BRfIgXLU2uu%2F3BraQGvm8EkMLa1czyCn%2FEmzDpVFDMcAv9JFXfFc8eD60Ew%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 308ms
308ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.cgmoneta.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 840416296da60493-FRA
date: Thu, 04 Jan 2024 14:14:13 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-bq6f

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
262 B 400ms
399ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 04 Jan 2024 14:14:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cgmoneta.com
access-control-allow-credentials: true
cf-ray: 8404162b5f450493-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-2bq2

POST
H2 204 metrics
rtc.multiscreensite.com/feature/ 0
0 102ms
102ms Fetch 3.222.32.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/feature/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4049/editor/apps/modules/runtime/7.3b2f92fc36ac48f677cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.32.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-32-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.cgmoneta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 14:14:13 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/feature/ Frame 0
0 103ms
103ms Preflight 3.222.32.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/feature/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.32.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-32-116.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cgmoneta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 04 Jan 2024 14:14:13 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 launcher.bundle.226ebee.js Show response
wsv3cdn.audioeye.com/v2/build/ 80 KB
20 KB 15ms
15ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c80f6ed48f39136091efaebeecff071918fb53b903584dc8c86ef533a26757f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 16:47:59 GMT
server: cloudflare
age: 2225
etag: W/"6579e03f-13e95"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84041634adc991fc-FRA
expires: Fri, 03 Jan 2025 14:14:14 GMT

GET
H2 200 compliance.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ 124 KB
35 KB 17ms
16ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.226ebee.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.226ebee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cgmoneta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 01:05:28 GMT
server: cloudflare
age: 666
etag: W/"65960458-1f04e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84041634adca91fc-FRA
expires: Fri, 03 Jan 2025 14:14:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media.canva.com
URL: https://media.canva.com/1/image-resize/1/200_200_100_PNG_F/czM6Ly9tZWRpYS1wcml2YXRlLmNhbnZhLmNvbS9oTXJzOC9NQUUybHJoTXJzOC8xL3AucG5n?osig=AAAAAAAAAAAAAAAAAAAAACJbAZNtX4jIPMBR3z1m18fd3O-CeEUdew3RoIU84M-n&exp=1704394178&x-canva-quality=thumbnail&csig=AAAAAAAAAAAAAAAAAAAAAJPamviyWXgwcRiup5sgMz6IhkaEkywRkblmqJI5pQ1T

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.calendly.com/	1970-01-20 17:26:19	Name: __cf_bm Value: EbzeBn86WnwN50ixUH4KTRgdC_Vvn8MXWB20112bEe0-1704377647-1-AU8YrUDVdBcz7ZpQTU2AuFL+1V/a4PP3otslAEhBcWrRde7pZF1qXakpwsiFMiaT/T6jNagQo/Zas92QIGXzBPQ=
www.cgmoneta.com/	1970-01-20 17:48:11	Name: dm_timezone_offset Value: -60
www.cgmoneta.com/	1970-01-21 02:11:53	Name: dm_last_page_view Value: 1704377648639
www.cgmoneta.com/	1970-01-21 02:11:53	Name: dm_this_page_view Value: 1704377648639
www.cgmoneta.com/	1970-01-21 02:11:53	Name: dm_last_visit Value: 1704377648639
www.cgmoneta.com/	1970-01-21 02:11:53	Name: dm_total_visits Value: 1
www.cgmoneta.com/	1970-01-21 03:02:17	Name: _sp_id.a8ab Value: 93e021bdeea04130.1704377649.1.1704377649.1704377649
www.cgmoneta.com/	1970-01-20 17:26:19	Name: _sp_ses.a8ab Value: 1704379448765
.cgmoneta.com/	1970-01-20 17:27:44	Name: _gid Value: GA1.2.1328242626.1704377649
.cgmoneta.com/	1970-01-20 17:26:17	Name: _gat_gtag_UA_152012684_1 Value: 1
.cgmoneta.com/	1970-01-21 03:02:17	Name: _ga_0ZEPTZY19R Value: GS1.1.1704377648.1.0.1704377648.60.0.0
.cgmoneta.com/	1970-01-21 03:02:17	Name: _ga Value: GA1.1.1789402908.1704377649
core.service.elfsight.com/	1970-01-20 17:26:17	Name: elfsight_viewed_recently Value: 1
.linkedin.com/	1970-01-20 19:35:53	Name: li_sugr Value: 979d7ed1-923f-4baa-a64f-e2b26f323c7c
.linkedin.com/	1970-01-21 02:11:53	Name: bcookie Value: "v=2&c8057e60-b5dd-4aaf-8be1-fb0819d5b5e8"
.linkedin.com/	1970-01-20 17:27:44	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3160:u=1:x=1:i=1704377648:t=1704464048:v=2:sig=AQFujT2nZeVyz0IglCsoBnmKPpl1V4WX"
.canva.com/	1970-01-20 17:26:19	Name: __cf_bm Value: HfsvPGxkRzA3LlVkYx0AlQ0nj_JOwrJo_kQnE2OmTlc-1704377648-1-Aehdd6gmUOIyCKRhbtzaQh/2TsM1OElyeSXfnRAM6nWq5EGb4Vz0P7l8aOzV1sGAXUxJ9PBznecjq9UBHEE8yT8=
.canva.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0r1E3ci51xdsnLo_ispPf6VZRsKdoy4TrPh92aV.WVY-1704377648960-0-604800000
.linkedin.com/	1970-01-20 18:09:29	Name: UserMatchHistory Value: AQLhK6Jg-p_EdQAAAYzU0weI-b_iJwWzABLAyvyTsrW0c_ZaeFOCDD8WdTjyp4Db0cVu7XsuCWD8eg
.linkedin.com/	1970-01-20 18:09:29	Name: AnalyticsSyncHistory Value: AQInN3YyhBRvwwAAAYzU0weIIYbqVsMIy4tJ7VJOGfR65y3U7gkKDuhWXLOdpHGm1QCSVPYOf3YbHSyuEFW4Gw
.calendly.com/	1969-12-31 23:59:59	Name: __cfruid Value: 95045f17c8d84d9f56e3c42692baf34f4675a67b-1704377649
www.canva.com/	1970-01-20 17:26:19	Name: ASI Value: 01HKAD627E0QBXAXDB19D3KTAR
.www.linkedin.com/	1970-01-21 02:11:53	Name: bscookie Value: "v=1&202401041414092bffd685-681d-4091-81e4-1310bf325751AQFyXlkfIoQqmHQUTuwnouitEU7e9zwm"
.linkedin.com/	1970-01-20 21:45:29	Name: li_gc Value: MTswOzE3MDQzNzc2NDk7MjswMjGJ+039KyiSuXGvyRTMC48WgOG6pJRXCnnro04clph04Q==
.canva.com/	1970-01-21 02:11:53	Name: cf_clearance Value: JDDSPNAnY2BmLAuLCvsf0AtzsSQnksuVRBdnjr0oMLQ-1704377649-0-2-b88beecc.8964ca7e.59f02361-0.2.1704377649
www.canva.com/	1970-01-21 02:11:53	Name: CDI Value: 2507a37b-5156-46e6-bc81-184ff4ed0dc9
www.canva.com/	1970-01-20 17:26:28	Name: CPA Value: cnvanXGwGeihtoksOiH3ix38O2sIVDW0c6WhNNP7KPkaUvTIxScHJLntqzfxrHaCm5kaa_jE-OL_Du2srUaCTahzPKQt-XcV7LIEVRAPTtDnaSzDi8DcUwhFbdpfjLg7RCk9I5g8H9prbh9R5QV0fz1ItapGnYQvqPsRrfVkv347QSsfWxN9ZT0vG4vdM26-85oJz3Gbef4_cxuH3_IeC6-6Be0dd_qPMkm8iQj8gxJkZSqL2DEw8hj9ntuuZ2o8HIVEaYlnKWkKIrQmL9iaQr506hp3CrI0902e8411
www.canva.com/	1970-01-20 17:26:28	Name: CCK Value: X4iGwt0bZv-S6j3JWA1Mgw
.canva.com/	1969-12-31 23:59:59	Name: __cfruid Value: f3d10e71510b79ef036ee97b6dd05a3bb5bdb90f-1704377649
.calendly.com/	1970-01-21 02:11:53	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jan+04+2024+15%3A14%3A10+GMT%2B0100+(Central+European+Standard+Time)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=52e0d96a-dead-465c-873d-d61efce5b1be&interactionCount=0&landingPath=https%3A%2F%2Fcalendly.com%2Fcgmonetallc%3Fembed_domain%3Dwww.cgmoneta.com%26embed_type%3DInline&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
m.stripe.com/	1970-01-21 03:02:17	Name: m Value: 60d15b91-51a6-4dd0-bf21-aee647f5bf8055d43e
www.cgmoneta.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: 2Lqz1ldc5QUZTGZp-kqiH
www.cgmoneta.com/	1970-01-20 17:36:22	Name: AWSALBTG Value: TbIYLxqoTj+WOczoJghT6mcrLmSs0enZoqSabfU4godx2DotoBfY7COP7CtmDWOz66lhzbCxL8I8jiXgIFPSMcR/BIn3bNu6R/LkxUOlTZcJumyP41HVRCYA9q75yzD7tkbUR0pPe5rcl+gTx4V8g1X4XUpVJzTeq4oZ0wedTut0PeRK+Zo=
www.cgmoneta.com/	1970-01-21 02:11:53	Name: _aeaid Value: 5e950932-6b4b-431d-b1d8-df60ea11d783
www.cgmoneta.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.cgmoneta.com/	1970-01-20 21:45:29	Name: twk_uuid_62ceb9207b967b11799955fa Value: %7B%22uuid%22%3A%221.SwrUUlDu5x0aZuSWGaz9kRqIebQ2hu0qbzDAdghXWS5f1BWhwil48LaDOCCJY4fQt3jUH7REpzv7SoUinkGG0uwWfx64aSqeV70T32jHyoRmPISLMOcPv%22%2C%22version%22%3A3%2C%22domain%22%3A%22cgmoneta.com%22%2C%22ts%22%3A1704377652201%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.cgmoneta.com/adhc-underpayments-client-intake-form(Line 3612) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://embed.tawk.to/61251c94649e0a0a5cd2b8b4/1fdsff8os Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://static.canva.com/web/2f20436accaa69f1.js(Line 303) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.audioeye.com
assets.calendly.com
calendly.com
cdn.cookielaw.org
cdn.jsdelivr.net
core.service.elfsight.com
d32hwlnfiv2gyn.cloudfront.net
d3v0px0pttie1i.cloudfront.net
embed.tawk.to
font-public.canva.com
geolocation.onetrust.com
irp-cdn.multiscreensite.com
irp.cdn-website.com
irt-cdn.multiscreensite.com
js.stripe.com
lirp.cdn-website.com
m.stripe.com
m.stripe.network
media-private.canva.com
media-public.canva.com
media.canva.com
notifier-configs.airbrake.io
o13855.ingest.sentry.io
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.analytics.google.com
rtc.multiscreensite.com
snap.licdn.com
static.canva.com
static.cdn-website.com
static.cloudflareinsights.com
static.elfsight.com
static.ziftsolutions.com
stats.g.doubleclick.net
telemetry.canva.com
use.typekit.net
va.tawk.to
w.usabilla.com
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.canva.com
www.cgmoneta.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.recaptcha.net
media.canva.com
13.107.42.14
13.227.219.101
13.32.99.71
18.239.69.61
18.245.60.28
2001:4860:4802:32::36
2600:9000:2057:6800:19:7d10:bd80:93a1
2606:4700:10::6816:1883
2606:4700:10::6816:455f
2606:4700:10::ac43:1653
2606:4700:4400::6812:2089
2606:4700:4400::ac40:9251
2606:4700::6810:3865
2606:4700::6810:5714
2606:4700::6810:e095
2606:4700::6812:1c9b
2606:4700::6812:1d9b
2606:4700::6812:82ec
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0d::9b
2a02:26f0:3500:16::215:1486
2a02:26f0:780::210:a469
3.222.32.116
3.67.141.185
3.89.82.132
34.120.195.249
34.223.218.178
54.187.159.182
54.201.135.255
63.33.7.61
65.9.94.137
65.9.94.26
65.9.95.114
65.9.95.58
65.9.95.89
01a66f314327c44281f84d65a39b9473117ef5e91035f9c1b9554b63431242c6
032d73b4379079c5e590ee47252a042cc4aa47e6fbd6792a3a6f35114a75a7c3
078948e601a270824f2ef594d21304409c880bb8a2556d68cfde07271d000d17
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
0e262d9074dcb017c9104a3f9e261a75ef85cc9f1cddf45738186771b633400a
0e49fda2bd85b11f009159efaac08b9a1f96441ca81c6f0f420bbc01a6488b48
0f725096e288c94faae2daf7983e568f76cbce5e3f4303a5a9cc9d4bdfc7cceb
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
125ac5802faf3b59ed95e45d5ddb209bf43bdce4bccf40824fb8b8be1a721f75
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
154a9fab4c86a78b1af9128c9481b0459f7cc73cd56121e5be02d7cdd691987b
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
1a93c699753b0524b85e9854d322063165a64a12ebce12ec8ea6a82f6234b999
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c88641b9f42816d463a74a4af860951637774fc17ae6280b3189c212aa949c4
1edc6090fdd977907affc372b84db4d4a5fa78f625ed1aca3363a4b38078c02f
2019dd1a4024295a8f1bc1dc47fff7de74c19f566482e2775e04aaf041e9d71d
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
23d7912e30cca1831cdf2e9270ba71f9a540e37f3dd989585df54e7906537e97
23f28a69786f743cf01c9d6e37a91b9990c412d6fc731d4afff7decb89fa2368
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
2731401c09a420891d2c42c8b6e68f20044019edfc3db309bc4684a3011c34d0
28b153de5b0a3d9b6531a3c6e4cd3c181e92025fb2824919b0139347c94493cf
2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2c3f43f9e433cc7dcf72557510e28f069ec93162a399793e6610b7a7f97a70cd
2cea83a54504412e2419af43d32b5344757c2a052ec24244e8eff51b8e0ebe64
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3011f19b99f0f0d784da7c9d84d801726fe27d87f8ed8008b0b871ddaf2072a5
313ba33d88f1598dcbeb16679bde5629c48ddb2f42888619a6b9172600440abb
31e2f45b3caeba8c96e1d3de4269cd3f410e29e40abaf5ae2f1fdfdbf628bc80
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
394c0bddc899c04cfa8a8f958b1fded78ed4045aa5c47d1a14b074dfed975fef
398a621206860aac599d63c3049386b237a84dee633b783c5dbcabcf5db091fe
3a704aa73eaf482d3533b5711f68fb5b9e8a33a17a22d85a21a035b76a068f50
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3bd68c785340bcc6327fcba943670d7e70022a25aef46af666d5d945ca365a93
3bda2b2d1219e31125f948d0e43e3d45980db9184b1224e08c9ac0fcc871dfbc
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e32aea52247a81c38b4735e84a28ba27b0cbc33f007a1d14e81e64ba766eadd
3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6
3f3fe9842edf7f8240031c134670cc14e2227568ce15089e5d1f8a7ca7d1e6ea
41efb03115df0cd1aec6d2a3d54e1d5882e0e66dcfbb3387b17ee979acc19528
42221f444077a949193481b1557731609989babddf5ad7e6fc222f1b377e8932
432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4445ac2ad3033e388507e63143292102d267d60ec29d23e1406e2fe975b7fe96
4498753b0459953569f15b6ac7346646d8c0dea0d582c93402b318402f907474
4587c9ec2c976da6c06f6862ebe5695ce3aed04bb0bf51ba84d0dcbcee2b66ca
4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a
47ed7727f89b6ab6ceacd105e768619250af87b2242ab048a18dc2db26e80421
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
49b56be5f9301b8299d1c6528b53ab55e382eddb2a7e4d7bea8ecd9ecf7adf6f
4e1bc6d2ef60d701eae8d697ded42adc11642c299b3406a617b9ab3be6fabcf1
4f9e9ae956ffab2981f954cf29a01f69353508687b3d7f9696dc502155b2a569
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
50de36e4889fa79fc4893345436a6e48b4d1453e6664e4823ab97cf0521196b0
587e53033e66207407f9108a4f3aee7827cc50a0de5a64ec769c75fd47f90a90
59addd6541710bda3097d093e36bedfb1812c195445e8bd49c5f35df33262abf
5f670086cdf147a14d8a38f7da8aeb55823916f04aacabfa11f95508789c0cf8
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6111dbcc6b2d40c346f9265818f75400050939fc0910bc7d0f3921e2ccfa884e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
646c9c575c477ec1fc64f3df83af60acea3a0ecf4f6dd2c7202a32e8e115ada9
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
6f27577dcfd3d4bccab15c4798d218e9be30ed9ed5adacf4cbf5b686fd3ffb92
702fbc7df28b5e475184aa63bae93fd2d686053455a7e359c71ca560c3f1ff78
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
73d0e42130afbf347a5913bb2d3c29ae6dbd2c870191f596c218953accdeebeb
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
76b79f2d6a7ce7b96781d64c0034832738a8e3b3663d74801b30f0cd4c2175a1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
799a7b38f0ce983589a982c1fc3f539187d446967498eb011a5dec505df07bdf
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7d592f442f31831cd13e4b8fb407216d5d3a7c6cfc9f0a35dc63bb246742cded
7df559f51aab78c9842bd765d911ac6a258b2a2da0dec3c24ae18642aa88564f
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e
829c3296dcfd3fc1ab982e767f4f881db253f0beff4ff1e21f2c743d30cb2e8e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d7cafe6a8b148d77a2192fc3d017c3e9b5e6d693b20098cf743499a1708a2c
888f11364e81b5de54f8bcfa5b1da31ae7f97ce41f77c1972528811e2cf35892
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8cc186381f104da5fe30dc67456f17b97d0703ffdaf304dc0418bd11a046cdfa
8d71c24d09c0125f4be4e6da48e03948b3da4edce08e52d232db0b0cd3c784c6
8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9467e711a5c66d65c92fa84b2eea6b146c01bf5fc72de45ffd5248cc2c08f19e
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9be86c1213ce98f6bb2c97258ed2afefde36041258852f9460c83ac88270aed6
9d256a3f00b21d2f1385fa4a8069538fe846fa9b7a862b13306ec918c999b605
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8
a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392
a2664a4943793f01857aa918698cc3486caaf1d67db65cc22ea1230342c993fb
a56c6ae07dda2c74a4af952a7705a6e94ba3a4bf2e0f32453593080259e1aa8e
a610b58614ef68b5d1a48318f93730fee5b88d1ed415e20960a21a06d3169a99
aa91f04e209f1a3f6a7d81d3f53090b9fd6d3b63c12ee1ae5dce4292e326577d
ab564ccef2a5da9e06b41adbceade2802671601bea61b27f9d01aafd49ef99c6
ae5849b3e31df5d935556c4c19fcc98f5eaec2c9dc65f7f526981e3fb3573a41
aeb9307c39bd0783b05b8ef1f00cdbc7290f0095068cc51b938d1fc681a8cb85
afb56f03f1f14f412565f7750d2e602932e99da1716836842deb3fce25815868
aff6acb5388dd1b2527f81a3ceec1b1544964f9bfab7738ebfef7f7dc36ff6a3
b11bb1c127012d3fd77e3ec2877936533e5c8fce15137a8dbddf7acbd0107f4a
b46763c688491c4ec977fef0c618e12d8e04291ab07457b1dd9c2a3603a10039
b5fbc53b30d14e6c6b97c498de6fe0ccf81a8356b5a83fb42207122b0ea625d3
b72ad127da3e5744f29c12b2a40a0165129ae00a7aa7dc32f1def9dae955fd2d
b72f5e67cf7a44d3840970e60d44e395a79b37aee59f43d2143f91463af5c80c
b7684ef5ef7ee0d536403226f29a0d97d394ea2bec8877983a3f2da6d4665432
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
babceb84f686bd4e9dab63be7a2bb76f5ccd0251337ff1584357d2eb1df30825
bac77166a80b9444c3f91de078ad9673f4102c9180374de58b3e9d55161ef451
badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd885fd2c15f6d7991ceb02e1196bd63e9fd2992d65c2bc3b332fbd626336455
bfa64446df48eed7c07047cf45efb5f9ca2be8eece189832cf2705c405017ec3
c38a8377590cd40c9e99dd615f8a964dcb3778b2fcc1fb56b826bb52d304f2da
c3d25baae1c76af26f76b14f103a4c652f50f2a2c37d1ed3d524dc49f2af8e8c
c439891e9ca959c88a76af5bf4ffcf654f0e031d45d609046cf78d4a20900471
c44317c998f6c63d299352e52ac189e563167efb05a0f7302d39744b77ebea8f
c539a052bb796aae20cec8e40ea3cf6431ee917b292e981785cdb4f27c5aa41e
c6de703f8ee214808496dcd92795ac8971782935ed75abdd5624c814e69daaea
c80f6ed48f39136091efaebeecff071918fb53b903584dc8c86ef533a26757f1
c84de7e52d68bd3b651219e7085236babc85a0c7c79f21a14f0cdddbd0fb4b4c
c98e3d81d13a653b48a114769a6b2806be2b8a36262cf5b1b4ccdedbc22e4e18
cc6ce7ed2f957c5973407c566c3bde76ee0c33b6cef301e6e9cf079b15c75d0a
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
cdb1ac36dd2829866f08390c3e81d461cb56d55d2560e64363492ffb5c3403fa
d21d6512b1e852644a8dfc3e0635054083b4e58060e20d17ed955d18cd9df5a0
d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7
d84bca3e5fd4f5cdc0d0d889e33b3feb68e9055797353af5061609a95b2ef30a
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff9856e494b542b5a6bb32ff8cc6bc600fb37106d86525fffb038bf103c73fa
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2af142cf880e42cc63699e631bbbbc2c16f9ecdb14b8310e5d70799567fed2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f77e0cb05e32cc652c3937a0b34e52567cf37401d9a801ca3f50239033272
e71ad441d3743415616e89da3ed1b5e524c9014065e0628b49330b8f4992219e
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
eb3a62140e15c0ae94ced7e32c1b9f373601371a313fe6f4836d993463f57204
ec6a3bc8c0aa64b20e093b968f3a4ea470b942e931f38cf5e1d41e1c2ecad87a
ec860a2bd7ea606d4b1573e5276be0d88d325b8a7d293929460e18eab30514fe
ed5867f796cb157cda1c92a5d08899f9313c2cb4b4bec37c4e06cf7d8ad57a4a
ee8a52c351d1c584078c4efdea9d63e559e4c6bcaa30f2cb65f8bbb009fca672
ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ec065a844b4be0a42913b9ba9b32757576fba278a1ebac0bbb4c3f1688e98
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f56b35823a693646bf987ca07c9cbc4ff72a83b79b34595b20546b539795fdf0
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f79479236fb92f5507db8d2f7230c48b27f6609354ace7c26e1e32a04ed0f806
f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9
f8ab013b3fd566fdd457b27613864d32d00a0a2bd5d888ea3b754381d8dc8683
f8aef9b50ff2a6111cb98dc8bf1ed71c04964ef7e1fb8e8b82eee2516e288d2c
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6
ff1bae178d0e5d1c10e0032445b558c79d430f4b62a6ee8fad1395a195530368

www.cgmoneta.com Open in urlscan Pro 3.67.141.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

210 Requests

97 %HTTPS

56 %IPv6

29 Domains

51 Subdomains

42 IPs

4 Countries

5387 kBTransfer

13949 kBSize

36 Cookies

6 Outgoing links

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cgmoneta.com Open in urlscan Pro
3.67.141.185 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

97 %
HTTPS

56 %
IPv6

29
Domains

51
Subdomains

42
IPs

4
Countries

5387 kB
Transfer

13949 kB
Size

36
Cookies

210 HTTP transactions
3 data transactions